[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#13949: Aw: Re: bug#13949: fill-paragraph is buggy, but using MD5 is
From: |
Andreas Schwab |
Subject: |
bug#13949: Aw: Re: bug#13949: fill-paragraph is buggy, but using MD5 is even more buggy |
Date: |
Mon, 28 Mar 2016 16:31:32 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.92 (gnu/linux) |
"Petros Travioli" <travioli@gmx.de> writes:
>> > But that's exactly what happens when you are using hash functions to
>> > verify buffer equality, just with a more complicated mathematical
>> > formulation and at a slightly different scale.
>> >
>> > So don't use hash functions to a two-sided correct answer to test buffer
>> > equality. For a one-sided answer (if hash(x) != hash(y) then x != y), you
>> > are fine.
>>
>> There is a difference between a hash function and a cryptographic hash
>> function. An inportant property of a cryptographic hash function is the
>> avalanche effect, that means a small change in the plaintext will result
>> in a big change in the hash value. That makes such a hash function
>> suitable for the reverse condition x != y => hash(x) != hash(y), with a
>> very high probability of being true.
>>
> So far most old crypto functions have been broken. There is no doubt this
> will happen to any newer one sooner or later. If any single person would lose
> his work because of a random collision, this is an argument agains crypto
> hash functions.
This is irrelevant. See avalanche effect.
Andreas.
--
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."