Lists Home |
Date Index |
On Friday 31 May 2002 07:43, Uche Ogbuji wrote:
> I'm no crypto honcho either, but from my lay understanding, modern
> cryptographically strong hashing renders such approaches pretty much
> useless. Knowing that the phrase "hello" appears somewhere in the
> plaintext has such an infinitesimal effect on the search space these days
> that you'd be better off dumpster diving. Knowing all the XML tags used in
> the plaintext would also provide but infinitesimal advantage.
> As your reading illustrates, this wasn't always the case: SHA and MD5 are
> recent inventions.
> Now I'll shut up and wait for the crypto wizards to wake up and disabuse us
> all of our innumerate notions.
SHA and MD5 and hashing are not related to 'cryptography' in the sense of
hiding information! No! No no no!
Hashing algorithms take an arbitrary sized block of bits and produce a
(usually) fixed size number which is (ideally) going to be different if you
try to change the input bits. This is used in tamper detection.
Cryptography, on the other hand, is about taking an arbitrary sized block of
bits and mapping it to another, usually of the same size as the input (but
sometimes bigger) in such a way that it can be reversed if you know a
'secret' but that the secret is hard to devise.
If anyone's really interested in this stuff, then this book is the Bible of