1994-07-04 - Re: MD5 is 1=>1?

Header Data

From: Roger Bryner <bryner@atlas.chem.utah.edu>
To: N/A
Message Hash: fe5e6023caac3f31673e761eb6988cd17f6869786c95bbc3579e2f2272aaa49b
Message ID: <Pine.3.89.9407041617.A7942-0100000@atlas.chem.utah.edu>
Reply To: <9407042142.AA28845@toxicwaste.media.mit.edu>
UTC Datetime: 1994-07-04 22:21:38 UTC
Raw Date: Mon, 4 Jul 94 15:21:38 PDT

Raw message

From: Roger Bryner <bryner@atlas.chem.utah.edu>
Date: Mon, 4 Jul 94 15:21:38 PDT
Subject: Re: MD5 is 1=>1?
In-Reply-To: <9407042142.AA28845@toxicwaste.media.mit.edu>
Message-ID: <Pine.3.89.9407041617.A7942-0100000@atlas.chem.utah.edu>
MIME-Version: 1.0
Content-Type: text/plain

On Mon, 4 Jul 1994, Derek Atkins wrote:
> is based upon the fact that *finding* two messages that hash to the
> same value is as difficult as a brute-force attack, which requires
> 2^128 trials (maybe it's 2^127, but I don't think that really
This is incorrect, with a large memory, this is the birthday paradox in 
action, and it takes about 2^64 tries, which puts SHS right up there at 
2^80 same as skipjack.

Even with less memory, you can still improve on this though not as much.

Roger, Mad Dog Libertarian, Bryner.