In other words, has there ever been a point in time in which having the content of a message has actually helped break a hash function?
Asked
Active
Viewed 179 times
1 Answers
8
Yes, it has happened. If you look at the SHA3 hash zoo, there are a number of hashes who has the best attack listed as "2nd preimage".
One general place this can occur is if you have a hash function with a weak message compression step, but a fairly strong finalization step. Here, we might not be able to generate first preimages (because we don't know what needs to be presented to the finalization step to generate that image), but we may be able to do a second preimage (because we attack the weak message compression, and generate the exact same data to the finalization).
poncho
- 154,064
- 12
- 239
- 382