Re: compare-by-hash (was Re: sharing /etc/passwd)
Giorgos Keramidas wrote:
> There is one difference between ``looking for collisions'' and being
> bitten by undetected collisions though.
True. But if the best known collision-finding algorithm takes f(p) operations
in order to achieve a probability p of having found a collision, and you've
performed less than f(p) operations, then either the chance of you being bitten
by an undetected collision is less than p, or you've managed to improve upon the
best-known collision-finding algorithm.
For f(p) = 2^80 * sqrt(p), none of us are ever going to perform enough
operations to make the chance of stumbling across a collision by accident a
significant risk.
Colin Percival
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 10 之 16 篇):