
RE: DESCrack keyspace partitioning



>[email protected][SMTP:[email protected]] writes:
>Another thinking step: most real-world DES keys are derived from hashes.
>Not (P)RNGs.
>The distributions are **not** uniform.
Oh??
>I am talking about FAMILIES of predictable bit patterns in keys, not any
>specific pattern.
>I'm doing the stats.
[...snip...]

If you've discovered significant biases in MD5, or some other
crypto-strength hash, that could be exploited to speed a keyspace
search, that would be newsworthy indeed.  I'm skeptical, but please
share your results with us.  

[For context, Mike McNally wrote, in part]
>[...] a good
>32-bit CSPRNG has only a 1/2^32 chance of producing any particular
>bit pattern.  Of course, another way of saying that is that it's just
>as likely to get an "obvious" bit pattern as it is to get any other
>one.  You can't just throw away part of the keyspace based on such
>bogus reasoning.  (There may be other reasons to throw away part of
>the keyspace, of course.)

Tunny
======================================================================
 James A. Tunnicliffe   | WWWeb: http://www.inference.com/~tunny
 Inference Corporation  | PGP Fingerprint:   CA 23 E2 F3 AC 2D 0C 77
 [email protected]    |                    36 07 D9 33 3D 32 53 9C
======================================================================
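
Added example, not part of the original message: one way to run the kind of statistics the thread is arguing about, by measuring per-bit bias and Hamming weight over hash-derived 56-bit keys. The derivation (first 8 bytes of MD5, low parity bit of each byte dropped) and the passphrases are constructed assumptions, not anything specified in the thread.

```python
import hashlib

KEY_BITS = 56  # effective DES key length once parity bits are removed


def des_key_bits(passphrase: bytes) -> int:
    """Assumed derivation: first 8 bytes of MD5, parity (low) bit of each byte dropped."""
    digest = hashlib.md5(passphrase).digest()[:8]
    key = 0
    for byte in digest:
        key = (key << 7) | (byte >> 1)
    return key


def sample_keys(n: int = 20000):
    # Constructed, deliberately structured inputs: "password0", "password1", ...
    return [des_key_bits(b"password%d" % i) for i in range(n)]


def max_bit_bias(keys) -> float:
    """Largest deviation from 0.5 of any single key bit's frequency of being 1."""
    n = len(keys)
    freqs = [sum((k >> i) & 1 for k in keys) / n for i in range(KEY_BITS)]
    return max(abs(f - 0.5) for f in freqs)


def mean_hamming_weight(keys) -> float:
    """Average number of 1 bits per key; a uniform 56-bit source gives 28."""
    return sum(bin(k).count("1") for k in keys) / len(keys)


if __name__ == "__main__":
    keys = sample_keys()
    print("max per-bit bias:", round(max_bit_bias(keys), 4))
    print("mean Hamming weight:", round(mean_hamming_weight(keys), 3))
```

With 20000 samples, a uniform source would show per-bit frequencies within roughly 0.0035 of 0.5 (one standard deviation) and a mean weight within about 0.03 of 28. This checks the distribution of bit patterns only and says nothing about how guessable the passphrases themselves are.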