[Cryptography] Bloom filter question
John Levine
johnl at iecc.com
Sat Aug 2 15:04:27 EDT 2025
For a mail security thing I am working on, I would like to encode the addresses
the message was sent to as part of the signature in a way that makes it easy to
check if an address is in the signature, but hard to recover the addresses from
the signature. This seems like a job for a Bloom filter. Looking at the
Wikipedia article, if I expect to have up to 10 addresses, it appears 128
bits and 16 hash functions would be plenty. So I have to find 16 different hash
functions.
So how about this: I make an MD5 hash of an address, break that up into 16 bytes,
and use the 7 low bits of each byte as the bit index. Is it reasonable to use
the 16 bytes of an MD5 hash as 16 different mini-hashes?
I realize that MD5 is far from state of the art, but it is about twice as fast
as SHA-2, and Bloom filters by their nature have occasional false positives,
which is OK for this application. I don't think I care if someone can invent an
implausible address that happens to hash the same as a real one.
R's,
John
More information about the cryptography
mailing list