4

I know that message collisions are supposed to be hard to calculate for a good cryptographic hash.

Given 1k worth of data, it's hard to find another 1k worth of data that collides with the same hash.

But doesn't it become much easier when the message becomes variable length? I.e. it's easier to find a collision in 0-1G of data to 1k of data than it is to find one that is also exactly 1k of data.

Does knowing the intended size of the message increase the strength of USING the hashing function? I.e. a message has to be between 1k and 4k.

CodesInChaos
  • 25,121
  • 2
  • 90
  • 129
Rahly
  • 141
  • 2

1 Answers1

3

The short answer is that for any secure hash it is impossible to generate collisions or second preimages, regardless of message length.

If you look at theoretical attacks, however, message length can be a factor. When looking for another message that hashes to the same value as a specific message you are talking about second preimage resistance (or target collision resistance) and there the length of the target message may matter. For example, with Merkle-Damgård hash functions there are attacks that find second preimages for messages faster the longer they are.

With a collision attack, where you look for any pair of messages hashing to the same value, I do not know of a case where message length matters. Beyond allowing enough input length to exhibit collisions, of course: finding e.g. 1-byte collisions is impossible.

Community
  • 1
otus
  • 32,462
  • 5
  • 75
  • 167