lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 19 Feb 2005 11:11:22 +0100
From: exon <exon@...e.se>
To: bugtraq@...urityfocus.com
Subject: Re: Combining Hashes


Kent Borg wrote:
> Concatenating two different hashes, for example SHA-1 and MD5,
> apparently does not add as much security as one might hope.
> 
> What about more complicated compositions?  For example, a reader
> comment posted on Bruce Schneier's blog
> (http://www.schneier.com/blog/archives/2005/02/sha1_broken.html)
> suggests the following:
> 
> d1=SHA-1(data)
> d2=MD5(data)
> d3=SHA-1(d1+data+d2)
> 
> The final digest would be d1+d2+d3
> 
> (where "+" is concatenation)
> 
> 
> I admit I don't know why this might be significantly better than
> d1+d2, I was hoping someone here would.
> 

It's not. It's just backwards compatible with buffer sizes for programs 
that already handle SHA-1 (and presumably also MD5) hashes so that less 
and smaller changes are required to the code.

It's really quite clever, since the input would have to collide in both 
MD5 and SHA1 for it to collide in the final output.

> 
> -kb
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ