What is to be said about pre-image resistance?
David Wagner
daw at cs.berkeley.edu
Fri Mar 25 11:47:46 EST 2005
Ian G writes:
>Collision resistance of message digests is effected by the birthday
>paradox, but that does not effect pre-image resistance. (correct?)
>
>So can we suggest that for pre-image resistance, the strength of
>the SHA-1 algorithm may have been reduced from 160 to 149?
Well, I'm not sure that the difference between 2^160 and 2^149
would be very significant in practice, even if there were some
redunction like this, but--
As far as I can tell, the pre-image resistance of SHA1 has not been
significantly threatened by these attacks, or at least, the authors
do not claim any results on pre-image resistance of SHA1.
http://www1.ietf.org/mail-archive/web/cfrg/current/msg00790.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list