[14782] in cryptography@c2.net mail archive
Re: Are there...one-way encryption algorithms
daemon@ATHENA.MIT.EDU (Sidney Markowitz)
Wed Nov 19 14:32:47 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 18 Nov 2003 20:48:24 +1300
From: Sidney Markowitz <sidney@sidney.com>
To: Enzo Michelangeli <em@em.no-ip.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <02b501c3acbe$8bdd3680$0200a8c0@em.noip.com>
Enzo Michelangeli wrote:
> but the slight risk of collision,
> although practically negligible, is a bit irksome
If you quantify the "practically negligible" risk, it might be less
irksome: SHA-1 is a 160 bit hash. The birthday paradox says that you
would need to hash 2^80 different credit card numbers before you had a
50% probability of having even one collision in your database keys. Very
roughly that means you would need to have a trillion different credit
card numbers in your database in order to get as much as a one in a
trillion chance of a collision. You would probably find dealing with a
trillion different credit card numbers more irksome than the negligible
chance of a collision even that many would give you.
-- sidney
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
