Sean C. wrote: > I'm confused though. > I just read this article from the New York Times. As a newbie to encryption > and > hash algorithms I thought the idea behind hashes was that you couldn't > reconstruct the data from the hash.
You can't. But you can use the hash as a key to cross-reference information. For example, if they were using full names to generate the hash: Watch list contains: "Alex Mauer" -> foo "Billy Z Williamson" -> bar "Corgi McCorkerton" -> baz Passenger list contains: "Billy Z. Williamson" -> xyzzy "Alex Mauer" -> foo "Fenster LeCrab" -> baz ...they only need to compare the hashes, for the cruise ship company to see that "Alex Mauer" should not be allowed to board, and the government to see that "Alex Mauer" attempted to board a cruise ship. The government doesn't need to reveal their watch list to the cruise ship company, and vice versa. This also illustrates some problems with the system, namely hash collisions (two people generate the hash "baz") and the fact that slight changes in data will lead to totally different hashes (added period after middle initial). -Alex Mauer "hawke"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
