Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cryptography, proposed modification to 6.6.4 related to (second) pre-image attacks #2500

Open
randomstuff opened this issue Jan 2, 2025 · 3 comments
Open

Cryptography, proposed modification to 6.6.4 related to (second) pre-image attacks #2500

randomstuff opened this issue Jan 2, 2025 · 3 comments
Assignees
@danielcuthbert
Labels
1) Discussion ongoing Issue is opened and assigned but no clear proposal yet Bart Preneel Issues raised from a crypto review by Bart Preneel (received via Aram H) V6 _5.0 - prep This needs to be addressed to prepare 5.0

Comments

@randomstuff
Copy link
Contributor

Current:

6.6.4 [ADDED] Verify that hash functions used in digital signatures are collision resistant and have appropriate bit-lengths to avoid attacks, such as collision or pre-image attacks.

Proposed by Bart Preneel:

6.6.4 [ADDED] Verify that hash functions used in digital signatures are collision resistant and have appropriate bit-lengths to avoid attacks, such as collision or (second) pre-image attacks. For (second) pre-image attacks, output lengths of at least 128 bits are required, while for collision resistance output lengths need to be at least 256 bits.
@randomstuff
Copy link
Contributor Author

I would have some homework to do to have a better understanding on this topic :)

This may not very easy to understand for the casual reader. Can we give some concrete examples?

@elarlang elarlang added the V6 label Jan 3, 2025
@tghosth tghosth added 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - prep This needs to be addressed to prepare 5.0 labels Jan 5, 2025
@tghosth
Copy link
Collaborator

tghosth commented Jan 5, 2025

I leave this up to @danielcuthbert's judgement, I am not sure about this one.

@tghosth tghosth added the Bart Preneel Issues raised from a crypto review by Bart Preneel (received via Aram H) label Jan 5, 2025
@unprovable
Copy link

Wouldn't MD5 be a very relevant example here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielcuthbert danielcuthbert

Labels
1) Discussion ongoing Issue is opened and assigned but no clear proposal yet Bart Preneel Issues raised from a crypto review by Bart Preneel (received via Aram H) V6 _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@randomstuff @danielcuthbert @unprovable @tghosth @elarlang