paul at clubi.ie wrote:
> On Tue, 29 Aug 2006, Harry Duncan wrote:
>> schemes exist for the generation of _meaningful_ collisions in
>> both MD5 and SHA1, the whole basis for trust, and trust paths /
>> chains is out the window.
> That really depends on the mode they're used in...
> The attacks require the attacker to control (in sense of being able
> to modify arbitrarily) /both/ sets of data for which a collision is
> desired. There is still no known first or second preimage attack on
> either MD5 or SHA-1, TTBOMK.
> For public-key and MAC mode signatures, this means the attack is only
> meaningful if the attacker knows the secret key (the digest value is
> immutable unless one knows the secret key) in which case, the
> weakness in the digest algo makes no difference.
Your degree of verbosity on the subject far exceeds my understanding
of both the topic and the English language, but from the limited
knowledge that I do have of both, I understand that the basis for a
collision attack on the ciphers is always based on using two distinct
private keys, and not one as you suggest.
However, that is unimportant in the scheme of the latest attack. The
notion put forward is that two distinct keys can sign different
"meaningful" messages and end up with the same digital signature. The
attack is based on HTML rendering of the data, and hiding "garbage" in
the unrendered metadata in the file. So, the messages are only
meaningful when viewed as rendered data in a html viewer, but the raw
data reveals any amount of meaningless data making the attack readily
identifiable.
The solution to this problem is much simpler than Proinnsias's dual
signature approach, you simply need to take the file size into
consideration to beat this attack, as the attack will not render two
files of identical file size. This would render all variations on the
attack, i.e. when it's taken outside the realm of html, useless.
The world of cryptography is therefore saved without any miraculous
intervention from the world of mathematics or the superior knowledge of
Jackma & Co ;-D
Regards,
Owen.
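To make the shape of the attack under discussion concrete, here is an added example (editor's code, not from the thread or any of the posters) built on the publicly known MD5 colliding pair published by Wang et al. in 2004. The HTML suffix, the document-building step and the digest-plus-size verification routine are constructed for this example and are assumptions, not anything from the original post. It shows what a size-plus-digest check does and does not distinguish: the two colliding prefixes are exactly the same length, and because MD5 is computed block by block, appending the same visible content to both leaves both the length and the MD5 equal, while a different hash (SHA-256 here) tells the two documents apart.

```python
import hashlib

# Publicly known MD5 colliding pair from Wang et al. (2004): two 128-byte inputs
# (two MD5 blocks each) that share the digest 79054025255fb1a26e4bc422aef54eb4.
# Both are exactly 128 bytes and differ in six bytes, by one bit each.
COLLIDING_PREFIX_A = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"
)
COLLIDING_PREFIX_B = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70"
)

# Constructed sample "meaningful" content appended to both prefixes (an assumption
# for this example, not from the thread). MD5 is a Merkle-Damgard construction:
# it hashes the input block by block, so once the two 128-byte prefixes have
# driven the internal state to the same value, any identical suffix keeps the
# final digests identical.
SHARED_SUFFIX = (
    b"<html><body><p>Sample contract text used for this example.</p></body></html>\n"
)


def md5_hex(data: bytes) -> str:
    """Hex MD5 of the given bytes."""
    return hashlib.md5(data).hexdigest()


def differing_offsets(a: bytes, b: bytes) -> list:
    """Byte offsets at which two equal-length inputs differ."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def build_document(prefix: bytes, suffix: bytes = SHARED_SUFFIX) -> bytes:
    """Attacker-side step: glue a colliding prefix to the content both parties see."""
    return prefix + suffix


def verify_md5_and_size(doc: bytes, expected_md5: str, expected_size: int) -> bool:
    """Verifier-side check as proposed in the thread: digest AND file size must match."""
    return len(doc) == expected_size and md5_hex(doc) == expected_md5


def compare_documents(doc_a: bytes, doc_b: bytes) -> dict:
    """Report how the two documents look to different checks."""
    md5_a = md5_hex(doc_a)
    sha256_a = hashlib.sha256(doc_a).hexdigest()
    sha256_b = hashlib.sha256(doc_b).hexdigest()
    return {
        "same_length": len(doc_a) == len(doc_b),
        "same_md5": md5_a == md5_hex(doc_b),
        "same_sha256": sha256_a == sha256_b,
        # Whether the size-plus-MD5 check, computed over doc_a, also accepts doc_b.
        "b_passes_size_check_for_a": verify_md5_and_size(doc_b, md5_a, len(doc_a)),
    }


if __name__ == "__main__":
    doc_a = build_document(COLLIDING_PREFIX_A)
    doc_b = build_document(COLLIDING_PREFIX_B)
    print("prefix MD5 (both):", md5_hex(COLLIDING_PREFIX_A))
    print("differing byte offsets:", differing_offsets(COLLIDING_PREFIX_A, COLLIDING_PREFIX_B))
    for key, value in compare_documents(doc_a, doc_b).items():
        print(f"{key}: {value}")
```

Run as-is: it prints the shared MD5 of the two prefixes, the six byte offsets where they differ, and the comparison results for the two assembled documents. Both prefixes are 128 bytes, so both documents are the same size, and the verification that checks only MD5 and length accepts either one in place of the other; only the SHA-256 comparison separates them. The "garbage" that the thread describes as visible in the raw data is the 128-byte prefix in this construction.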