Re: Uniquely identifying an Nmap install from NSE?

[Ron <ron () skullsecurity net>]

On 08/07/2009 05:36 PM, Brandon Enright wrote:
> It further occurs to me that we don't need collision-free hash.  In
> fact, if we hashed to say, 32 bits, then we'd almost certainly be
> collision free even with 300+ people banging on the same machine while
> at the same time, not providing enough uniqueness in the hash to
> actually brute force.
>
> That is,
>
> If you truncate a hash to 32 bits, as long as the domain of input
> greatly exceeds the domain of output then you can't be sure that you
> cracked to the actual original input of the hash.
>
> The question becomes, how many bits do we want?  I think we should
> design for up to 100 people hitting the machine at the same time, with
> a less than 1% chance that there will be any collisions in the
> resulting hash.
>
> Anybody feel like popping this into the binomial theorem to compute what
> we should truncate to?
>
> Brandon
That's a good point. Another thing to consider: not everybody has SSL 
support, so using a hash I can implement inline would be nice. I'm 
thinking like, CRC32 level.

--
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org