1. 5
    Sha256 vulnerability for full rounds. Free-start collision attack + circular hash attack security github.com
    qbit avatar via qbit 1 year ago | cached | 4 comments

  1.  

  2. rain1 avatar rain1 edited 1 year ago | link

    [Comment removed by author]

    1. 4
      sangy avatar sangy 1 year ago | link

      I think one of the replies is also really informative:

      To abuse this property you need to get the state of the hash to match a state you get when running the decryption of the blockcipher underlying the compression function. Finding such a match requires a meet-in-the-middle attack with cost $2^{n/2}$ and thus isn’t cheaper than finding a collision.

    2. 8
      colindean avatar colindean 1 year ago | link

      I feel like an “inaccurate” tag would be in order.

      1. 5
        FioraAeterna avatar FioraAeterna 1 year ago | link

        It feels slightly odd that there’s an “incorrect” downvote for posts, but no “incorrect” flag for articles.

        1. 2
          qbit avatar qbit 1 year ago | link

          I’d add it if it existed :D