1. 8
    Understanding the Security of Cryptographic Hash Functions cryptography jeffcarp.com
    jeffcarp avatar authored by jeffcarp 3 years ago | cached | 6 comments

  1.  

  2. 3
    hanno avatar hanno 3 years ago | link

    The author seems to think that second preimage attack and collission attack are the same. They’re not.

    Second preimage attack: Given a hash function H and an input X find Y so that H(X)=H(Y) and X!=Y.

    Collission attack: Given only a hash function find X, Y so that H(X) = H(Y).

    This is a major difference. There are plenty of hash functions that are vulnerable to the second, but not the first (most notably MD5, SHA1).

    1. 1
      jeffcarp avatar jeffcarp 3 years ago | link

      My bad, thank you for pointing that out! I’ll update the post.

    2. 2
      jbert avatar jbert 3 years ago | link

      Is the birthday paradox correct in this case? We’re not looking for any two coins the same colour, we’re looking for a coin the same colour as the one we already have?

      1. 2
        jeffcarp avatar jeffcarp 3 years ago | link

        I think you’re right. The current metaphor describes a second preimage attack. I’ll update the post. Thank you.

      2. 1
        Zamicol avatar Zamicol 3 years ago | link

        Nice post Jeff.

        2^256 is about 10^77, which happens to be an estimate for the number of atoms in the universe.

        I really like your blog layout. Have you published the code?

        1. 1
          jeffcarp avatar jeffcarp 3 years ago | link

          Thanks! It’s using this Hugo theme https://github.com/htr3n/hyde-hyde with some tiny modifications.