LWN.net

may not be as bad as it appears

Posted Aug 18, 2004 18:47 UTC (Wed) by ncm (subscriber, #165)
In reply to: may not be as bad as it appears by ajax
Parent article: Crypto researchers abuzz over flaws (News.com)

In principle it only takes 20 bytes of carefully-chosen garbage added to any text to give a chosen SHA-1 signature, once you've broken it.

It's often pretty easy to find a place to put that much extra stuff, buried in an ELF section or debug annotation of an executable, in extra compression table entries of a tarball, even in text of a diff that you know patch will skip, and that a human would ignore knowing that patch skips it--e.g. in a .sig.

If it must be base64, you need 30 bytes, instead; or 40 bytes of hex, or 70 decimal digits. 14 common lower-case four-letter English words suffice.


(Log in to post comments)

may not be as bad as it appears

Posted Aug 18, 2004 20:32 UTC (Wed) by smoogen (subscriber, #97)

Don't you mean SHA-0 versus SHA-1?
