Re: Travis CI MITM RCE

[zugtprgfwprz () spornkuller de]

Hey Jakub,

On 18.10.2018 17:10, Jakub Wilk wrote:

> Nitpicking, but for an ideal n-bit hash function, on avergage you need
> 2ⁿ (not 2ⁿ⁻¹) evalutations of the function to find the preimage.

Huh, wow! I would also have had the gut-feeling of 2^(n-1) and had to
code a little program to verify the facts:

import hashlib
ps = [ ]
for q in range(20000):
        for p in range(10000):
                z = q | (p << 32)
                z = int.to_bytes(z, length = 8, byteorder = "little")
                if hashlib.md5(z).digest()[0] == 0:
                        break
        ps.append(p)
print(sum(ps) / len(ps))

And indeed, you're absolutely correct. Thanks for the comment!

Have a great weekend,
Joe