[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 is 1=>1?

To: Roger Bryner <[email protected]>
Subject: Re: MD5 is 1=>1?
From: Derek Atkins <[email protected]>
Date: Mon, 04 Jul 94 17:42:25 EDT
Cc: [email protected]
In-Reply-To: Your message of Mon, 04 Jul 94 11:06:43 -0600. <[email protected]>
Sender: [email protected]

MD5, like all hash functions, are many-to-one functions.  This means
that theoretically there are an infinite number of messages that will
hash to the same value.  This also means that reverting from the hash
back to your original message is nigh impossible.  The security of MD5
is based upon the fact that *finding* two messages that hash to the
same value is as difficult as a brute-force attack, which requires
2^128 trials (maybe it's 2^127, but I don't think that really
matters).

I dion't believe that multiple iterations of MD5 will cause you to
lose entropy.  Actually, you will lose entropy on teh *first*
iteration, since MD5 will \*only\* let you have 128 bits of Entropy,
since there are only 128 bits in the output.  In subsequent
iterations, you just move those bits around.

Does this answer your question?

-derek

         Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
       Member, MIT Student Information Processing Board (SIPB)
    Home page: http://www.mit.edu:8001/people/warlord/home_page.html
       [email protected]    PP-ASEL     N1NWH    PGP key available

Follow-Ups:
- Re: MD5 is 1=>1?
  - From: Roger Bryner <[email protected]>
- Re: MD5 is 1=>1?
  - From: Roger Bryner <[email protected]>
- Re: MD5 is 1=>1?
  - From: Roger Bryner <[email protected]>

References:
- MD5 is 1=>1?
  - From: Roger Bryner <[email protected]>

Prev by Date: RE: FW: A third voice re: science and spirit
Next by Date: Re: Detweiler clone at WSJ
Prev by thread: MD5 is 1=>1?
Next by thread: Re: MD5 is 1=>1?
Index(es):
- Date
- Thread