Birthday attack

This link, https://blog.csdn.net/px_farmer/article/details/52688806, is an article on the birthday paradox. To sum up, the essence of the birthday paradox is that as the number of elements grows, the probability of a repeated element rises at an alarming rate, and we consistently underestimate how fast.

What is the birthday attack?

The birthday paradox can be abstracted into a hash function: treat each person entering the classroom as an input x and that person's birthday as the output y, written H(x) = y. Since a year has 365 days, y can take 365 values. Now vary the range of x: as soon as the number of inputs x exceeds 23, the probability of a collision among the outputs y exceeds 50%.

In simple terms, a birthday attack exploits the possibility of hash-function collisions by trying n inputs until two of them collide. For a 40-bit message digest, which is far from secure, about one million random hashes are enough to find a collision with at least 50% probability.
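The two figures above (23 people against 365 birthdays, and roughly a million hashes against a 40-bit digest) come from the same formula. The following Python is an added example and is not part of the original article; it computes the exact collision probability, the square-root approximation that is used for sizing digests, and the resulting work factor of a generic collision search. Function names are the example's own.

```python
import math


def collision_probability(n: int, d: int) -> float:
    """Exact probability that n values drawn uniformly from d possibilities
    contain at least one repeat (the birthday paradox: H(x) = y with d outputs)."""
    if n > d:
        return 1.0  # pigeonhole principle: a repeat is guaranteed
    no_repeat = 1.0
    for i in range(n):
        no_repeat *= (d - i) / d  # the i-th value must avoid the i values already seen
    return 1.0 - no_repeat


def min_samples_exact(p: float, d: int) -> int:
    """Smallest n whose exact collision probability reaches p (only practical for small d)."""
    n = 1
    while collision_probability(n, d) < p:
        n += 1
    return n


def samples_for_probability(p: float, d: int) -> int:
    """Square-root approximation n ~ sqrt(2 d ln(1/(1-p))), usable for huge d
    such as d = 2**bits, where looping over n is out of the question."""
    return math.ceil(math.sqrt(2 * d * math.log(1 / (1 - p))))


def attack_cost_bits(digest_bits: int) -> int:
    """Work factor of a generic birthday attack on a digest: about 2**(bits/2) hashes,
    which is why a digest must be twice the intended security level."""
    return digest_bits // 2


if __name__ == "__main__":
    print("23 people, 365 days:", round(collision_probability(23, 365), 4))
    print("people needed for 50%:", min_samples_exact(0.5, 365))
    print("40-bit digest, hashes for 50%:", samples_for_probability(0.5, 2 ** 40))
    print("256-bit digest, collision cost: 2^%d hashes" % attack_cost_bits(256))
```

The exact product is fine for 365 days, but for a 40-bit digest it would loop over a million terms and for a 256-bit digest it is impossible, which is why practitioners use the square-root estimate: the answer for 40 bits is about 1.23 million, the "one million" quoted above.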

However, once I understood the principle of the birthday attack, another question came to mind. Does the birthday attack have any practical significance? If, given an input's hash (hashing is widely used in encryption programs and signature schemes), an attacker could find another input that collides with it, the attack would certainly be fatal. But according to the birthday attack, the attacker can only find some colliding pair, unrelated to any existing data, so what use is that?

It was only when I saw a forum post that I suddenly understood (original post address: http://bbs.kafan.cn/thread-1388224-1-1.html). The third reply in that thread gives a vivid explanation:

"A simple example

I write a letter:
This (OP / original poster) is a (veteran / expert), (everyone / comrades) must learn (from / with) him

Then I write another letter:
This (OP / original poster) is a (novice / rookie), (everyone / those replying) remember to (despise him / play along with him)

Note that in the same sentence, by simple synonym substitution, I can generate 2^N different combinations.
When N is large, for example 64 pairs of synonyms, then:
for the two texts with exactly opposite meanings, I obtain 2^64 different files each,
and compute the digests of each group, 2^64 each.

By the birthday attack method, these two groups are very likely to contain a pair of matching digests.

Then I send the first text to a friend of yours and ask him to sign its digest. He will certainly agree with
me. Then I bring out the second text and claim that your friend signed it, that is, that your friend says you agreed to something.
Because the digests of the two texts are identical, he cannot effectively excuse himself: a third party can easily verify that the digest he signed is the one for that text.
"
----------------
Disclaimer: This article is an original article by CSDN blogger "-_- px", released under the CC 4.0 BY-SA license; when reproducing it, please attach the original source link and this statement.
Original link: https://blog.csdn.net/px_farmer/article/details/52688806

Origin www.cnblogs.com/qiyuexin/p/11847009.html