Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Month of Random Hashes: DAY THREE

From: Brian Dessent <brian () dessent net>
Date: Fri, 15 Jun 2007 13:17:24 -0700
"M.B.Jr." wrote:


but only one string can produce that md5 hash signature,
that sha1 hash signature, fucking that sha256 hash signature, fucking
that <any_other> hash signature, etc...


False.

If you specify multiple hash algorithms for a string it's conceptually
equivalent to making up a new hash function that is defined as having
the output that is the concatenated outputs of md5, sha1, sha256, and
whatever else our crapflooder is posting.

But this new composite-hash function still has an infinite number of
inputs and a finite number of outputs, just like any other hash
function.  And thus for any one particular output value there are still
an infinite number of corresponding inputs.  They may be harder to find
and they may be orders of magnitude larger, but they still exist at the
mathematical level.

Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: