[Cryptography] blake2b 160

Jonathan Thornburg jthorn4242 at gmail.com
Sat Jan 5 11:29:05 EST 2019


On Sat, Jan 05, 2019 at 10:16:40AM +0800, jamesd at echeque.com wrote:
> Obviously a nation state can calculate 2^80 hashes easily enough, but in
> order to find which two of them can collide would need to store and sort
> 2^80 hashes, which looks to me to be far beyond the resources of any present
> nation state, or the likely resources of any nation state in the reasonably
> foreseeable future.

Would the following method provide a practical-for-the-NSA attack?

https://www.semanticscholar.org/paper/Parallel-hash-collision-search-by-Rho-method-with-Weber-Zhang/a953b65f6feb9dae15f5cb0d9458579836a1199e

Parallel hash collision search by Rho method with distinguished points

  Brian Weber, Xiaowen Zhang
  Published 2018 in 2018 IEEE Long Island Systems, Applications and...

In this paper, we realized a memory efficient general parallel
Pollard's rho method for collision search on hash functions introduced
by Van Oorschot and Wiener in 1996. This utilizes the principles
of the birthday paradox to greatly increase the probability of
finding a collision, while using significantly less memory than the
classic birthday attack, and allowing a larger portion of the subject
hash function to be searched before running out of memory by saving
only a few select digests called distinguished points. Using our
implementation, we are able to find an average of 50 MD5 half
collisions in the first hour of searching using a distributed memory
high performance computing system called Penzias (one of CUNY HPC
systems) on 32 processors. We then extend the technique with Cyrillic
character replacement to search for meaningful MD5 half collisions.
Next we analyze and measure how the performance of our implementation
scales with different processor counts. Finally, we experiment with
how the rarity of distinguished points affects the rate at which
collisions are found at varying numbers of processors.


full paper (paywalled) at
   https://ieeexplore.ieee.org/document/8378028

-- 
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   "There was of course no way of knowing whether you were being watched
    at any given moment.  How often, or on what system, the Thought Police
    plugged in on any individual wire was guesswork.  It was even conceivable
    that they watched everybody all the time."  -- George Orwell, "1984"
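
Added example, not code from the post or from the Weber/Zhang paper: a small
Python implementation of the van Oorschot-Wiener parallel collision search
with distinguished points that the abstract above describes, run single
threaded against SHA-256 truncated to 24 bits (a constructed toy hash) so it
finishes in well under a second. It illustrates the storage question raised in
the quoted message: only distinguished points are kept, a 1-in-2^dp_bits
fraction of the roughly 2^(n/2) hash evaluations, so memory is set by the
distinguished-point rarity rather than by the total work. The names toy_hash,
walk_to_dp, locate_collision and find_collision, and the constants BITS and
dp_bits, are my own choices for this example.

```python
import hashlib
import random

# Toy setting (constructed for this example): the "hash" is SHA-256
# truncated to BITS bits, so a generic collision costs about 2^(BITS/2)
# evaluations.  Real targets have 160, 256, ... bits; the algorithm does
# not change, only the work factor.
BITS = 24
MASK = (1 << BITS) - 1


def toy_hash(x: int) -> int:
    """Truncated SHA-256 over a 4-byte big-endian encoding of x."""
    digest = hashlib.sha256(x.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big") & MASK


def is_distinguished(y: int, dp_bits: int) -> bool:
    """A point is 'distinguished' when its low dp_bits bits are all zero,
    so about one point in 2^dp_bits qualifies and only those are stored."""
    return y & ((1 << dp_bits) - 1) == 0


def walk_to_dp(start: int, dp_bits: int, max_len: int):
    """Iterate x -> toy_hash(x) from start until a distinguished point.
    Returns (dp, steps), or None if the trail is abandoned (a cycle that
    contains no distinguished point)."""
    x = start
    for steps in range(1, max_len + 1):
        x = toy_hash(x)
        if is_distinguished(x, dp_bits):
            return x, steps
    return None


def locate_collision(start_a: int, len_a: int, start_b: int, len_b: int):
    """Two trails ended at the same distinguished point.  Re-walk them in
    lock-step from equal distance to that point until the next outputs
    agree; the inputs at that moment are the colliding preimages.  They are
    equal (no collision) if one trail merely started on the other."""
    a, b = start_a, start_b
    for _ in range(len_a - len_b):   # only one of these two loops runs
        a = toy_hash(a)
    for _ in range(len_b - len_a):
        b = toy_hash(b)
    while True:
        ha, hb = toy_hash(a), toy_hash(b)
        if ha == hb:
            return a, b
        a, b = ha, hb


def find_collision(dp_bits: int = 6, seed: int = 1):
    """van Oorschot-Wiener collision search with distinguished points.
    Returns (a, b, stats) with a != b and toy_hash(a) == toy_hash(b).
    stats records total hash evaluations versus points actually stored."""
    rng = random.Random(seed)
    table = {}                       # distinguished point -> (start, trail length)
    max_len = 20 * (1 << dp_bits)    # abandon trails far longer than expected
    hashes = 0
    while True:
        start = rng.getrandbits(BITS)
        result = walk_to_dp(start, dp_bits, max_len)
        if result is None:
            hashes += max_len
            continue
        dp, length = result
        hashes += length
        if dp not in table:
            table[dp] = (start, length)
            continue
        other_start, other_len = table[dp]
        if other_start == start:
            continue
        a, b = locate_collision(other_start, other_len, start, length)
        if a != b:
            stats = {"hashes": hashes,
                     "stored_points": len(table),
                     "birthday_bound": 1 << (BITS // 2)}
            return a, b, stats


if __name__ == "__main__":
    a, b, stats = find_collision()
    print(f"collision: {a:#x} and {b:#x} -> {toy_hash(a):#08x}")
    print(stats)
```

With BITS = 24 and dp_bits = 6 the search evaluates on the order of 2^12
hashes but stores only a few dozen distinguished points; raising dp_bits
trades fewer stored points for longer trails and a longer detection delay,
which is the rarity/performance trade-off the abstract's last sentence
refers to. The same ratio holds at 160 bits, so the memory cost of the
method is the stored-point table, not the 2^80 hashes themselves.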