[Cryptography] hash size
james hughes
hughejp at me.com
Thu Nov 1 12:50:10 EDT 2018
> On Oct 31, 2018, at 3:03 PM, jamesd at echeque.com wrote:
>
> Launching a birthday attack on a
perfectly secure
> 128 bit hash would involve generating 2^64 hashes and sorting them. This requires 3*2^67 bytes of disk. The largest readily available hard disk is 16 terabytes, so this would require thirty million hard disks, which is only a concern for state level attacks on very high value targets, although with continued progress in hard disks, will come within range for normal attackers, but only if a birthday attack generates major value for the attacker.
If you can guarantee that the hash is secure, sure. Running “at the edge” of security seems to be a dangerous thing to do.
Chosen-prefix collisions for MD5 and colliding X. 509 certificates for different identities <https://link.springer.com/content/pdf/10.1007/978-3-540-72540-4_1.pdf>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20181101/a5b92bce/attachment.html>
More information about the cryptography
mailing list