http://www.perlmonks.org?node_id=386217


in reply to nitpick
in thread On showing the weakness in the MD5 digest function and getting bitten by scalar context

Not having followed the recognition of MD5's weakness(es), it looks as if your two strings differ by the significant bit on the 20th, 30th, etc. bytes. That looks like someone mathematically broke MD5. Now, wouldn't SHA-n have a similar problem, but with a much larger sample set? Or, is it because the algorithm took liberties it shouldn't have taken?

------
We are the carpenters and bricklayers of the Information Age.

Then there are Damian modules.... *sigh* ... that's not about being less-lazy -- that's about being on some really good drugs -- you know, there is no spoon. - flyingmoose

I shouldn't have to say this, but any code, unless otherwise stated, is untested
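The bit-level difference the post above describes can be seen directly by XORing a colliding pair. The following is an added example, not code from the original thread; it is written in Python rather than Perl so that it can be checked mechanically. The two 128-byte blocks are the MD5 collision pair published by Wang, Feng, Lai and Yu in August 2004 as reproduced in public references (they may not be the exact pair used in the parent node, whose differing positions are quoted as "20th, 30th, etc."), and the function names (`bit_diff`, `md5_hex`, `sha1_hex`, `collide_with_suffix`) are mine. Whether the blocks really collide is re-checked at runtime rather than assumed.

```python
import hashlib

# Two 128-byte messages forming the MD5 collision published by Wang et al.
# (Aug 2004), as reproduced in public references. The collision is verified
# below by hashing, not taken on faith.
M0 = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"
)
M1 = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70"
)


def bit_diff(a: bytes, b: bytes) -> list[tuple[int, int]]:
    """Return (byte_offset, bit_index) for every bit where a and b differ.

    Offsets are 0-based; bit 7 is the most significant bit of the byte.
    Both inputs must have the same length (a collision pair always does).
    """
    if len(a) != len(b):
        raise ValueError("inputs differ in length")
    diffs = []
    for offset, (x, y) in enumerate(zip(a, b)):
        delta = x ^ y
        for bit in range(7, -1, -1):
            if (delta >> bit) & 1:
                diffs.append((offset, bit))
    return diffs


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def collide_with_suffix(a: bytes, b: bytes, suffix: bytes) -> bool:
    """True if a+suffix and b+suffix still share an MD5 digest.

    MD5 is a Merkle-Damgard construction and both blocks are whole
    64-byte multiples, so the internal state is identical after the
    colliding prefix and any common suffix preserves the collision.
    """
    return md5_hex(a + suffix) == md5_hex(b + suffix)


if __name__ == "__main__":
    for offset, bit in bit_diff(M0, M1):
        print(f"byte {offset:3d} (1-based {offset + 1:3d}): bit {bit} differs")
    print("MD5 (M0):", md5_hex(M0))
    print("MD5 (M1):", md5_hex(M1))
    print("SHA-1 digests equal:", sha1_hex(M0) == sha1_hex(M1))
    print("still collide with a common suffix:",
          collide_with_suffix(M0, M1, b"appended by me"))
```

Run as a script, it lists the six differing positions (each is only the most significant bit of its byte, which is the pattern the post noticed), shows the two MD5 digests agreeing while the SHA-1 digests do not, and shows that appending the same data to both blocks keeps them colliding, which is why a single published pair is usable against real-world files and not just against those 128 bytes.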

Re^2: nitpick
by hardburn (Abbot) on Aug 27, 2004 at 16:38 UTC

    SHA-0 was shown to be weak by a similar technique, as well as a reduced form of SHA-1 (40 rounds instead of 80, IIRC). Since such discoveries tend to promote other discoveries along the same lines, there is cause to be distrustful of SHA-1. Don't Panic, but be distrustful.

    Basically, this is a good time to come up with a totally new hash algorithm, since most of the existing ones are based on MD4.

    "There is no shame in being self-taught, only in not trying to learn in the first place." -- Atrus, Myst: The Book of D'ni.