Re: SHA-1 broken

[<securityfocus () microtechnical co uk>]

In-Reply-To: <011401c51541$fdafedb0$0400a8c0@p14n>

I think Thomas has a good point here. We must separate the academic mathematical arguement about collisions from it's 
application in the real world. It may be that there are collisions in both MD5 and SHA-1 but have they any actual 
bearing on the use and application of these hashes in the real world?

In human fingerprint forensics it is possible for 2 finger prints to be 'apparently' identical. However if we are 
looking for a 'cat burgular' in Los Angeles and the 'identical' match is from a 6 year old boy in Cape Town the 
collision in this case is academic. 

In much the same way if the original text was 'I owe you 1 million dollars' and the collision text was 
'sdf86*&6989h,mni lkj99j' its not significant.

Both MD5 and SHA-1 are still useful in the real world.

Nick Pringle


> Hey all,
>
> > We abandon the requirement of collision resistance. This is a strange 
> > requirement, and is not supported by experience. Collision resistance 
>
> we might think of changing the requirement of collision resistance
> to "collision resistance in input data that is valid ASCII text". The
> attacks on MD5 used the weak avalanche of the highest-order bit
> in 32-bit words for producing the collision, basically precluding the
> possibility of generating colliding ASCII text.
>
> Cheers,
> Thomas Dullien