[Cryptography] Solving Matt's hash problem
John Levine
johnl at iecc.com
Sat Nov 19 10:53:52 EST 2022
It appears that Sam Hartman <hartmans at suchdamage.org> said:
>hashes that do make it easy to embed a fixed point. You could do
>something like look for a certain structure in the message being hashed
>and exclude from hashing a certain structure. For example look for
><hashgoeshere>abcdef09845...</hashgoeshere> and simply not include the
>contents of that tag in your hashing.
That seems to be the usual workaround. DKIM (RFC 6376) adds a
signature header to a mail message with a hash of group of headers
including the signature header itself. It does that by leaving out
the hash when hashing the header. I know nobody thought that was
new or clever at the time.
It sounds like the answer to my original preimage/fixed-point question
is that it is probably no different from any other preimage problem
but that particular variation hasn't gotten a lot of attention.
R's,
John
More information about the cryptography
mailing list