1 / 7

Astonishing Hash Collision Extremes and Improbabilities

Discover the astonishingly large number of possible hash values and complexities in hash algorithms like MD5 and SHA-1, making hash collisions nearly impossible. Explore the immense theoretical time frames required for randomly guessing a hash collision, showcasing the robustness of properly designed hash algorithms.

dcater
Download Presentation

Astonishing Hash Collision Extremes and Improbabilities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. If the hash algorithm is properly designed and distributes the hashes uniformly over the output space, "finding a hash collision" by random guessing is exceedingly unlikely (it's more likely that a million people will correctly guess all the California Lottery numbers every day for a billion trillion years). • This astonishing fact is due to the astonishingly large number of possible hashes available: a 128-bit hash can have 3.4 x 10^38 possible values, which is: 340,282,366,920,938,463,463,374,607,431,768,211,456 possible hashes

  2. 1 gig numbers / sec 1 gig = 10^9 = 2^30 128 bit will take 2^98 secs = 2^73 years = 10^20 years 100,000,000,000,000,000,000 years (1 year = 2^25 secs) atoms in the universe = 1078 to just under 1081 = i.e. 2246 to 2256

  3. Merkle Damgard Compression e.g. MD-5 uses 512 blocks of messages per round of compression, each broken into 4 stages (128 bits)

  4. One MD5 operation. MD5 consists of 64 of these operations, grouped in four rounds of 16 operations. (A,B etc = 32 bits) F is a nonlinear function; one function is used in each round. Mi denotes a 32-bit block of the message input, and Ki denotes a 32-bit constant, different for each operation. <<<s denotes a left bit rotation by s places; s varies for each operation. + denotes addition modulo 232.

  5. Hash collisions • Thought to be impossible • Only one known so far for a “good” algorithm • MD5 hash collision

  6. SHA-1: 160 bit hash • Start with 512 bit blocks of input, pad it if needed. • Expand to 80 32-bit subkeys (Wt) • Initialize some hash blocks (A, B, …E) • Use input to generate Wt, Kt is a constant. • F is a changeable functions, constructed from shifts, and XORs. • Do 80 rounds. Then use more input. • Can be made to be fast.

More Related