|
|
|
|
|
|
by IncRnd
1675 days ago
|
|
|
I never wrote shattered is a preimage attack. What I wrote is exactly correct. There are multiple preimage attacks, neither of which I referenced. A first preimage is where one searches for h(m1)=h(m2). A second preimage attack is where, given m1, find m2 such that h(m1)=h(m2). It's best not to give the incorrect impression when discussing something exact. As with any crypto, the construction is either valid or not, but it is actually the use of the construction that determines real world correctness. For example, if SHA-1 is used over input where there is known data in specific positions, that is quite different to SHA-1 over unknown data. In pratice, the first is often the case. |
|
|