[193883] in North American Network Operators' Group
Re: SHA1 collisions proven possisble
daemon@ATHENA.MIT.EDU (Matt Palmer)
Wed Mar 1 22:49:23 2017
X-Original-To: nanog@nanog.org
Date: Thu, 2 Mar 2017 14:49:12 +1100
From: Matt Palmer <mpalmer@hezmatt.org>
To: nanog@nanog.org
In-Reply-To: <58B79494.6080909@foobar.org>
Errors-To: nanog-bounces@nanog.org
On Thu, Mar 02, 2017 at 03:42:12AM +0000, Nick Hilliard wrote:
> James DeVincentis via NANOG wrote:
> > On top of that, the calculations they did were for a stupidly simple
> > document modification in a type of document where hiding extraneous
> > data is easy. This will get exponentially computationally more
> > expensive the more data you want to mask. It took nine quintillion
> > computations in order to mask a background color change in a PDF.
> >
> > And again, the main counter-point is being missed. Both the good and
> > bad documents have to be brute forced which largely defeats the
> > purpose. Tthose numbers of computing hours are a brute force. It may
> > be a simplified brute force, but still a brute force.
> >
> > The hype being generated is causing management at many places to cry
> > exactly what Google wanted, “Wolf! Wolf!”.
>
> The Reaction state table described in
> https://valerieaurora.org/hash.html appears to be entertainingly accurate.
With particular reference to the "slashdotter" column.
- Matt
