Re: collision vs. preimage attacks: policy for signing data created by others

On 10/5/2012 4:28 AM, Hubert Kario wrote: > I don't think there are any collisions for SHA-1 published The first SHA-1 collisions were published in 2005, somewhere in there. A team at Shengdong University discovered them. ___ Gnupg-users mailing list

Re: collision vs. preimage attacks: policy for signing data created by others

On Friday 05 of October 2012 01:13:54 Hauke Laging wrote: > Am Do 04.10.2012, 22:09:27 schrieb Hubert Kario: > > won't the answer to that depend on the hash in question? > > Probably. So the question could be changed to: For which hashes does the > value change and for which not? Limited to the ha

Re: collision vs. preimage attacks: policy for signing data created by others

Am Do 04.10.2012, 22:09:27 schrieb Hubert Kario: > won't the answer to that depend on the hash in question? Probably. So the question could be changed to: For which hashes does the value change and for which not? Limited to the hashes relevant for GnuPG operation. Is different data with the same

Re: collision vs. preimage attacks: policy for signing data created by others

Am Do 04.10.2012, 10:51:57 schrieb spam man: > So the question is... > > 1.) I have two different messages that have the same hash value (a > collision). >hash("foo") = abcdefg >hash("bar") = abcdefg > > 2.) Now you want to append identical new data to the messages and see i

Re: collision vs. preimage attacks: policy for signing data created by others

On Thursday 04 of October 2012 10:51:57 spam man wrote: > So the question is... > > 1.) I have two different messages that have the same hash value (a > collision). >hash("foo") = abcdefg >hash("bar") = abcdefg > > 2.) Now you want to append identical new data to the messa

Re: collision vs. preimage attacks: policy for signing data created by others

So the question is... 1.) I have two different messages that have the same hash value (a collision). hash("foo") = abcdefg hash("bar") = abcdefg 2.) Now you want to append identical new data to the messages and see if the new hashes would still be collisions? hash(

Re: collision vs. preimage attacks: policy for signing data created by others

Am Mo 24.09.2012, 19:06:17 schrieb Hauke Laging: Oh no – I am responding to my own email... > Given the much bigger difficulty of preimage attacks, would a rule make > sense not to sign a document that someone else has created (and thus been > given the opportunity for a collision attack)? The so

collision vs. preimage attacks: policy for signing data created by others

Hello, not a GnuPG specific problem but perhaps relevant to GnuPG users. Given the much bigger difficulty of preimage attacks, would a rule make sense not to sign a document that someone else has created (and thus been given the opportunity for a collision attack)? The solution would be to change