对于这种哈希方法,“没有发现碰撞”什么意思? [英] What does "no collisions have been found yet for this hashing method" even mean?
问题描述
我的意思是我不需要寻找实际的碰撞,知道它们存在。如果没有碰撞,那么你将如何获得固定长度的结果?这就是为什么我不明白人们声称'md5是不安全的是什么意思!有人发现碰撞!',或类似的东西。
我唯一能想到的是,碰撞搜索只会查找字典中的单词,例如:If'dog '和'house'共享相同的哈希值,这将是一个愚蠢的哈希方法IMO。它也可以查找长度< X,是5-10之间的东西(人们可以记住的密码)
我完全错了吗?
实际上,这不是关于是否找到单个样本,而是关于一种方法。这些可以基于一些属性如果你散列长度为N的值,以......结尾,等等,你将得到相同的散列(愚蠢的例子),或者基于某种算法有这个散列/值,这个是你如何通过同样的散列获得新的价值。
碰撞当然会一直存在,但有趣的问题是如何找到它们。我不确定你引用的声明的来源是什么,但我确定它应该实际上意味着找不到用于此哈希方法的碰撞的实际方法。
I mean I don't need to look for the actual collisions, to know they exist. If there weren't collisions, then how would you have fixed-length results? That's why I don't understand what people mean when they claim 'md5 is insecure! someone found collisions!', or something like that.
The only thing I can think of, is that the collision search only looks for dictionary words, eg: If 'dog' and 'house' share the same hash, it would be a stupid hashing method IMO. It could also look for strings with a length < X, being X something between 5-10 (passwords that people could remember)
Am I totally wrong?
In practice, it's not about whether a single sample was found, but about a method. These can be either based on some property "if you hash values of length N, ending with ..., etc. you will get the same hash" (silly example), or based on some algorithm "having this hash / value, this is how you get a new value with the same hash".
Collisions will of course always exist, but the interesting problem is how to find them. I'm not sure what is the source of that claim you quoted, but I'm pretty sure it was supposed to actually mean "no practical way to find collisions has been found yet for this hashing method".
这篇关于对于这种哈希方法,“没有发现碰撞”什么意思?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
