On Tue, Aug 29, 2006 at 05:53:12PM +0100, Harry Duncan wrote:
> kevin lyda wrote:
> >That's nice. But you're missing the point. What you've described is
> >impossible mathematically.
>> Quit correct Kevin. The biggest upset to cryptography has always been
> the emergence of collissions in the hashing algorithms, and they've
> always been quite correctly dismissed as "meaningless", but now that
> schemes exist for the generation of _meaningful_ collissions in both
> MD5 and SHA1, the whole basis for trust, and trust paths / chains is
> out the window.
>> If it relies on trust / trust chains, it can no longer be done, not
> until the maths world come up with some new scheme.
>Are there even theoretical collisions that result in both the same MD5
*and* SNA1 hash for the message(s) in question ?
If not - surely just a twin-hash approach would solve a multitude of
immediate problems - with todays' tools ?
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!