[17158] in cryptography@c2.net mail archive
What is to be said about pre-image resistance?
daemon@ATHENA.MIT.EDU (David Wagner)
Fri Mar 25 12:49:57 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: David Wagner <daw@cs.berkeley.edu>
To: cryptography@metzdowd.com
Date: Fri, 25 Mar 2005 08:47:46 -0800 (PST)
Ian G writes:
>Collision resistance of message digests is effected by the birthday
>paradox, but that does not effect pre-image resistance. (correct?)
>
>So can we suggest that for pre-image resistance, the strength of
>the SHA-1 algorithm may have been reduced from 160 to 149?
Well, I'm not sure that the difference between 2^160 and 2^149
would be very significant in practice, even if there were some
redunction like this, but--
As far as I can tell, the pre-image resistance of SHA1 has not been
significantly threatened by these attacks, or at least, the authors
do not claim any results on pre-image resistance of SHA1.
http://www1.ietf.org/mail-archive/web/cfrg/current/msg00790.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
