How thorough are the hash breaks, anyway?

Ian Grigg iang at systemics.com
Thu Aug 26 19:22:26 EDT 2004


Daniel Carosone wrote:
> There is one application of hashes, however, that fits these
> limitations very closely and has me particularly worried:
> certificates.  The public key data is public, and it's a "random"
> bitpattern where nobody would ever notice a few different bits.
> 
> If someone finds a collision for microsoft's windows update cert (or a
> number of other possibilities), and the fan is well and truly buried
> in it.

Correct me if I'm wrong ... but once finding
a hash collision on a public key, you'd also
need to find a matching private key, right?

iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list