RE: DESCrack keyspace partitioning
>[email protected][SMTP:[email protected]] writes:
>Another thinking step: most real-world DES keys are derived from hashes.
>Not (P)RNGs.
>The distributions are **not** uniform.
Oh??
>I am talking about FAMILIES of predictable bit patterns in keys, not any
>specific pattern.
>I'm doing the stats.
[...snip...]
If you've discovered significant biases in MD5, or some other
crypto-strength hash, that could be exploited to speed a keyspace
search, that would be newsworthy indeed. I'm skeptical, but please
share your results with us.
[For context, Mike McNally wrote, in part]
>[...] a good
>32-bit CSPRNG has only a 1/2^32 chance of producing any particular
>bit pattern. Of course, another way of saying that is that it's just
>as likely to get an "obvious" bit pattern as it is to get any other
>one. You can't just throw away part of the keyspace based on such
>bogus reasoning. (There may be other reasons to throw away part of
>the keyspace, of course.)
Tunny
======================================================================
James A. Tunnicliffe | WWWeb: http://www.inference.com/~tunny
Inference Corporation | PGP Fingerprint: CA 23 E2 F3 AC 2D 0C 77
[email protected] | 36 07 D9 33 3D 32 53 9C
======================================================================
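
Added example, not part of the original message: one way to run the kind of bias check the thread asks for, measuring whether hash-derived DES keys show skewed bits. The derivation (first 8 bytes of MD5, parity bit of each byte dropped) and the passphrases are assumptions constructed for illustration.

```python
import hashlib

def des_key_bits(passphrase: bytes) -> int:
    """Assumed derivation: first 8 bytes of MD5 used as a DES key.
    The low bit of each byte is parity, so 56 effective bits remain."""
    digest = hashlib.md5(passphrase).digest()[:8]
    bits = 0
    for byte in digest:
        bits = (bits << 7) | (byte >> 1)
    return bits

def bit_frequencies(keys):
    """Fraction of keys with each of the 56 bit positions set."""
    counts = [0] * 56
    for k in keys:
        for i in range(56):
            counts[i] += (k >> i) & 1
    return [c / len(keys) for c in counts]

def top_byte_chi_square(keys):
    """Chi-square of the top 8 key bits against a uniform 256-bucket model."""
    buckets = [0] * 256
    for k in keys:
        buckets[k >> 48] += 1
    expected = len(keys) / 256
    return sum((b - expected) ** 2 / expected for b in buckets)

def measure(n=20000):
    # Constructed, highly structured inputs: passphrase-0, passphrase-1, ...
    keys = [des_key_bits(b"passphrase-%d" % i) for i in range(n)]
    worst = max(abs(f - 0.5) for f in bit_frequencies(keys))
    return worst, top_byte_chi_square(keys)

if __name__ == "__main__":
    worst, chi2 = measure()
    # For uniform keys, per-bit deviation is on the order of
    # 0.5/sqrt(n) and chi-square is near its 255 degrees of freedom.
    print(f"worst per-bit deviation from 0.5: {worst:.4f}")
    print(f"chi-square over top byte (255 d.o.f.): {chi2:.1f}")
```

A single-bit and single-byte test like this only rules out gross bias in the sample; it says nothing about how predictable the inputs to the hash are.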