Re: [Gen-art] Gen-ART Telechat Review of draft-ietf-csi-hash-threat-09

Ana Kukec <anchie@fer.hr> Wed, 10 March 2010 06:56 UTC

To: Suresh Krishnan <suresh.krishnan@ericsson.com>
Cc: "gen-art@ietf.org" <gen-art@ietf.org>, "draft-ietf-csi-hash-threat.all@tools.ietf.org" <draft-ietf-csi-hash-threat.all@tools.ietf.org>

Hi all,

Pete, thank you for the comments.

I've changed the draft and taken into account all the comments from this
email. Some comments are below, inline.



Suresh Krishnan wrote:
>
>>  
>>
>> Introduction:
>>    There is a great variaty of hash functions, but only MD5 and SHA-1
>>    are in the wide use, which is also the case for SEND
>> This sentence makes a statement about MD5 and SHA-1 being the only widely
>> used hash functions, but I can't figure out what it is saying about SEND.
>> Is it saying that SEND is widely used?  Or did you mean to say that SEND
>> implementations typically only implement MD5 and SHA-1?
>
> The latter. I propose changing the text to
>
> "There is a great variety of hash functions, but only MD5 and SHA-1
> are widely used. SEND implementations also typically use these two 
> hash algorithms."
>

I've changed the text according to your suggestion, Suresh.

>
>
>> But this sentence is just plain
>> incorrect (see below).
>>   Due to
>>    the birthday attack, if the hash function is supplied with a random
>>    input, it returns one of the k equally-likely values, and the number
>>    of operations can be reduced to the number of 1.2*2^(n/2) operations.
>> There is no "birthday attack."  And I think you meant 2^n instead of k.
>> The result you give is due to an equation that is commonly illustrated with
>> a problem known as the "birthday paradox."
>
> Right. A birthday attack is an attack that exploits the mathematics 
> behind the birthday paradox. It is a fairly commonly used term. Would 
> you like me to change something?

That's right -- birthday attack is a common term, but only in
cryptography. I was relying on Bruce Schneier's book "Applied
Cryptography" where he uses both the term "birthday attack" and the
equation. Maybe I can make the sentence more clear:

"Due to the birthday attack, if the hash function is supplied with a 
random input, it returns one of the equally-likely n-bit hash values,
and the number of operations can be reduced to the number of 1.2*2^(n/2) 
operations."


Other comments are fixed.

Ana
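
The 1.2*2^(n/2) figure discussed in this thread can be checked empirically. The following is an added example, not part of the original message or of the draft: it truncates SHA-256 to n bits (an assumption, so that a collision search finishes quickly) and counts hash operations until two different random inputs collide; all function names are illustrative.

```python
import hashlib
import random
import statistics


def truncated_hash(data: bytes, n_bits: int) -> int:
    """Top n_bits of SHA-256(data): a stand-in n-bit hash (assumption, for speed)."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - n_bits)


def ops_until_collision(n_bits: int, rng: random.Random) -> int:
    """Hash random inputs until two different inputs share an n-bit value."""
    seen = {}  # hash value -> input that produced it
    ops = 0
    while True:
        msg = rng.getrandbits(128).to_bytes(16, "big")  # constructed random input
        ops += 1
        value = truncated_hash(msg, n_bits)
        if value in seen and seen[value] != msg:
            return ops
        seen[value] = msg


def birthday_estimate(n_bits: int) -> float:
    """The figure quoted in the thread: about 1.2 * 2^(n/2) operations."""
    return 1.2 * 2 ** (n_bits / 2)


def median_ops(n_bits: int, runs: int, seed: int = 2010) -> float:
    """Median operation count over `runs` independent collision searches."""
    rng = random.Random(seed)
    return statistics.median(ops_until_collision(n_bits, rng) for _ in range(runs))


if __name__ == "__main__":
    for n in (16, 20, 24):
        measured = median_ops(n, runs=200)
        print(f"n={n:2d}  measured median={measured:8.1f}  "
              f"1.2*2^(n/2)={birthday_estimate(n):8.1f}  brute force 2^n={2 ** n}")
```

The measured median scales with 2^(n/2), not 2^n, which is why an n-bit hash offers only about n/2 bits of collision resistance.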