[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FORGED CANCELS of posts on n.a.n-a.m
> One thing that occurs to me: suppose I go to control, collect cancel
> messages, and build myself a collection of M1's that will work with
> a given M2?
> That is, I can't actually invert the hashing function. But if a
> given hash function is standard, then I can eventually build up a
> collection of M1s for M2s that will let me cancel quite a few things
> I may want to. How many cancel messages come through in a day?
You would have to collect quite a few cancels just to get one pair of valid
hashes for a message you want to cancel... You don't even need to collect
cancels from control; you could just start hashing 128-bit strings until you
got one that hashed to M2. The catch is you would have to hash on the order
of 2^64 strings for MD5, for instance. That's a lot of hashing to cancel one
article... It's likely going to be much less work to try to guess the
passphrase used to generate M1. There is also a better than average chance
that the target used the same passphrase to lock multiple posts...