| |||||||||||||
|
| |||||||||||||
Algorithmic compexity attacksAlgorithmic compexity attacksPosted Jun 5, 2003 11:00 UTC (Thu) by NRArnot (subscriber, #3033)Parent article: Algorithmic compexity attacks Surely an answer (if not the answer) is to make the hashes depend on an entropic random number generated within the subsystem at incarnation, and using an algorithm such that without the privilege to extract that number from the guts of the system in question, a vandal won't be able to work out the input data stream that breaks the system. As an example (simplistic) if the hash were the XOR of the bytes of a string, a vandal could generate a list of inputs which yield the same hash. If the hash were of the concatenation of the string with a random byte, he'd have to try all 256 possibilities for that byte. If the hash were more sophisticated and the random number 64 bits (MD5 as an extreme) he'd not be able to try all possibilities, and knowing the algorithm (MD5) without knowing the 64 random bits would not help. The problem then becomes one of keeping a secret secret from the attackers.
(Log in to post comments)
Algorithmic compexity attacks Posted Jun 5, 2003 11:43 UTC (Thu) by fergal (subscriber, #602) [Link] Using some random element may help but the scheme you gave as an example doesn't help. With the XOR hash, if two strings A and B hash to the same value then they'll still hash to the same value when they have the random byte appended. Using md5 instead of XOR would prevent that. So it's a good solution but it still depends on have a good algorithm.
|
|
||||||||||||