[Cryptography] Possible SHA2 vulnerability
Phillip Hallam-Baker
phill at hallambaker.com
Sat Jul 1 10:50:45 EDT 2017
On Thu, Jun 29, 2017 at 9:30 PM, Ben Laurie <ben at links.org> wrote:
>
> On 29 June 2017 at 18:56, Phillip Hallam-Baker <phill at hallambaker.com> wrote:
>
>> On Wed, Jun 28, 2017 at 12:09 PM, Ron Garret <ron at flownet.com> wrote:
>>
>>> On Jun 28, 2017, at 9:00 AM, Ron Garret <ron at flownet.com> wrote:
>>>
>>> > https://github.com/laie/WorldsFirstSha2Vulnerability
>>>
>>> Turns out to be a false alarm.
>>>
>>> https://crypto.stackexchange.com/questions/48580/fixed-point-of-the-sha-256-compression-function
>>>
>>> Oh well, learn something new every day.
>>
>> I am confused. Since when did SHA-256 have an initialization vector?
>
> Since forever? But it is fixed.
>
That's not something I think of as an IV because it is fixed.
I was trying to work out how someone could have mistakenly thought that
there was an issue or, for that matter, what the issue was.
Did I tell you about the time I broke 'MD5'? I was reading Bruce's book,
trying to work out how the function worked and trying to solve it
algorithmically and to my great surprise, succeeding.
Turns out that the version in the first edition is wrong: it misses out a
critical addition term, which is the thing that makes everything go
non-linear. Fortunately, I checked the RFC before going down the hall to
ask Rivest. When I told him about it, his response was 'well, those addition
terms are very important'.