Re: [openpgp] Fingerprints and their collisions resistance
Christian Aistleitner <christian@quelltextlich.at> Fri, 04 January 2013 22:21 UTC
Return-Path: <christian@quelltextlich.at>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4BCB21F8AB7 for <openpgp@ietfa.amsl.com>; Fri, 4 Jan 2013 14:21:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.43
X-Spam-Level:
X-Spam-Status: No, score=-1.43 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pIJ1r7dyqQVN for <openpgp@ietfa.amsl.com>; Fri, 4 Jan 2013 14:21:28 -0800 (PST)
Received: from mail.lirum.at (mail.lirum.at [85.10.202.101]) by ietfa.amsl.com (Postfix) with ESMTP id 14C2321F8A8F for <openpgp@ietf.org>; Fri, 4 Jan 2013 14:21:28 -0800 (PST)
Received: from step ([192.168.129.2] helo=localhost) by mail.lirum.at with esmtp (Exim 4.77) (envelope-from <christian@quelltextlich.at>) id 1TrFeQ-0003UI-CF; Fri, 04 Jan 2013 23:22:06 +0100
Date: Fri, 04 Jan 2013 23:21:25 +0100
From: Christian Aistleitner <christian@quelltextlich.at>
To: Andrey Jivsov <openpgp@brainhub.org>
Message-ID: <20130104222125.GA26665@quelltextlich.at>
References: <50E530D6.6020609@brainhub.org> <D3684BB5-FDC6-4834-8FAE-C482A25E3FB0@callas.org> <50E5D6AA.6060200@brainhub.org> <874nixev2u.fsf@vigenere.g10code.de> <50E61486.9010209@brainhub.org> <20130104105328.GA5156@quelltextlich.at> <50E733F4.90400@brainhub.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="OXfL5xGRrasGEqWY"
Content-Disposition: inline
In-Reply-To: <50E733F4.90400@brainhub.org>
Cc: openpgp@ietf.org
Subject: Re: [openpgp] Fingerprints and their collisions resistance
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jan 2013 22:21:28 -0000
Hi Andrey, On Fri, Jan 04, 2013 at 11:56:36AM -0800, Andrey Jivsov wrote: > On 01/04/2013 02:53 AM, Christian Aistleitner wrote: > > Do you have any data / research underpinning this 51 (Besides > > Wikipedia)? > > > > After all, the cited Wikipedia page links to the retracted variant of > > an article :-( > > > > Otherwise, the best /theoretical/ result that I know of is just > > above 60. > > It looks like this is from the paper "Classification and Generation of > Disturbance Vectors for Collision Attacks against SHA-1" > published in 2011 in Designs, Codes and Cryptography > [...] I guess you are aware of the fact that in recent variants of the article, the 51 is gone and that there is a reason why I wrote “retracted variant” in my original mail :-) > Should we rather say that the _practical_ value is about 60 [...] > http://www.schneier.com/blog/archives/2012/10/when_will_we_se.html Practical has more than just one meaning, just as theoretical :-) As the post you reference only says If Stevens' attack of $2^{60}$ SHA-1 operations serves as the baseline [...] and does not say that “Stevens' attack” is practical (or “practical” in what sense), I am convinced you have read in Stevens' research to underpin your claim. For example you might have come across Stevens' 2012 PhD thesis and have read passages as [...] and this chosen-prefix collision attack against SHA-1 remains a theoretical attack. in section 7.7.3 (but that's somewhat out of context), or more general statements as [...] even though no practical collision attacks against SHA-1 or actual colliding messages are known yet. from section 8.4. But be things as they may, if you know better than Stevens himself and can make his results even more practical, please step up and share your work. All the best, Christian -- ---- quelltextlich e.U. ---- \\ ---- Christian Aistleitner ---- Companies' registry: 360296y in Linz Christian Aistleitner Gruendbergstrasze 65a Email: christian@quelltextlich.at 4040 Linz, Austria Phone: +43 732 / 26 95 63 Fax: +43 732 / 26 95 63 Homepage: http://quelltextlich.at/ ---------------------------------------------------------------
- [openpgp] Fingerprints and their collisions resis… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… Nicholas Cole
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Arturo 'Buanzo' Busleiman
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Tony Hansen
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… Christian Aistleitner
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… jbar
- Re: [openpgp] Fingerprints and their collisions r… Christian Aistleitner
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… ianG
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Andrey Jivsov
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Werner Koch
- Re: [openpgp] Fingerprints and their collisions r… Bill Frantz
- Re: [openpgp] Fingerprints and their collisions r… Jon Callas
- Re: [openpgp] Fingerprints and their collisions r… Nicholas Cole
- Re: [openpgp] Fingerprints and their collisions r… ianG