[Cryptography] Collisions w/SHA-1 ~$100,000 TODAY
Scott Elcomb
psema4 at gmail.com
Sat Oct 10 12:41:22 EDT 2015
On Sat, Oct 10, 2015 at 11:40 AM, ianG <iang at iang.org> wrote:
> Can anyone provide a pointy-eared boss description of what a *freestart*
> collision is?
The closest I've found is "A freestart collision is a collision where
the attacker can choose the initialisation vector."
Source: <http://crypto.stackexchange.com/a/29696>
In the Damgard-Merkle construction for hash functions the compression
function takes as input:
* a message block and
* a chaining value.
For the very first block there is not previous "chaining value".
Instead a particular value, called an initialisation vector (IV) is
given.
A freestart collision is a collision where the attacker can choose the IV.
--
Scott Elcomb @psema4
http://www.pirateparty.ca/
More information about the cryptography
mailing list