1995-10-05 - Re: FORGED CANCELS of posts on n.a.n-a.m

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: gerdw@cougar.vut.edu.au (David Gerard)
Message Hash: 251cca1c95c7dc0a2006d940627bda81d6a631b8852bff9ef337f7402bb37ce7
Message ID: <199510051618.JAA26781@ix.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-10-05 16:18:36 UTC
Raw Date: Thu, 5 Oct 95 09:18:36 PDT

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 5 Oct 95 09:18:36 PDT
To: gerdw@cougar.vut.edu.au (David Gerard)
Subject: Re: FORGED CANCELS of posts on n.a.n-a.m
Message-ID: <199510051618.JAA26781@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:11 PM 10/5/95 +1000, you wrote:
>One thing that occurs to me: suppose I go to control, collect cancel messages,
>and build myself a collection of M1's that will work with a given M2?

MD5 produces a very random 128-bit output; you're not going to collect
any appreciable fraction of the 2**128 possible M2s.  As long as M1 is
even as simple as MD5(messageid,passphrase), it's pretty open territory.

Targeted attacks, however, are still possible, as long as M1 retains
the form MD5(known-stuff, passphrase) - assuming the user uses one of the
few hundred million wimpiest passphrases, you can search that moderately fast;
if you're willing to burn some resources, you might be able to take out
most of alt.religion.spam, at least until people use better passphrases.

The amount of work depends somewhat on whether you use
MD5(known-stuff, passphrase) or MD5(passphrase,known-stuff).
For the first case, the cracker would calculate the MD5 context
after doing known-stuff (once) and then grind away on passphrases.
For the second, the cracker could pre-compute a table of MD5 context
for the wimpy password list, and then add known-stuff to each.
Since known-stuff is probably longer than passphrases here,
the latter is probably more secure for this application.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---






Thread