From: Jon Seymour <jon.seymour@gmail.com>
To: Imre Simon <imres.g@gmail.com>
Cc: Jeff Garzik <jgarzik@pobox.com>, Petr Baudis <pasky@ucw.cz>,
Ray Heasman <lists@mythral.org>,
Git Mailing List <git@vger.kernel.org>,
Linus Torvalds <torvalds@osdl.org>, Imre Simon <is@ime.usp.br>
Subject: Whales falling on houses - was: Hash collision count
Date: Mon, 25 Apr 2005 08:25:32 +1000 [thread overview]
Message-ID: <2cfc40320504241525c4153c2@mail.gmail.com> (raw)
In-Reply-To: <68ff9fa6050424142416fbadcd@mail.gmail.com>
.>
> 1. Take your favorite text file, at least 160 characters long.
> 2. Choose 160 positions in this file.
> 3. For each position choose your favorite mispelling of that character.
> 4. Produce all 2^160 text files, all of the same length, choosing for
> each position either the original or the alternate character
> 5. Add an arbitrary file of the same length, different from the above
>
> Two of these files have the same sha1 hash. Or, for that matter, for
> any 160 bit hash the same is true.
If you were to create those files at 10^9 files per second, it would
take you 10^38 years before you were in position to take step 5. I am
about to turn 38 this week. Would that I could live to 10^38.
It's absolute rubbish to say that the best solution from an
<double-quote>engineering</double-quote> point of view is to eliminate
the infinitessimal possibility of a collision. Engineering is all
about assessing risk and making suitable trade-offs. Every day of the
week, "real" engineers accept life-threatening risks that put
thousands of peoples lives in danger. They do it because we live in a
world where risk cannot be eliminated, merely reduced to an acceptable
level.
I can't understand that you are a prepared to drive a car or fly in a
Boeing or Airbus that has a demonstrated risk of killing you, yet you
want to insist on eliminating a risk that at most might create an
interesting Slashdot headline: "Jolt-crazed programmer finds SHA1
collision - but later dies when whale falls on house".
jon.
--
homepage: http://www.zeta.org.au/~jon/
blog: http://orwelliantremors.blogspot.com/
next prev parent reply other threads:[~2005-04-24 22:20 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-23 20:27 Hash collision count Jeff Garzik
2005-04-23 20:33 ` Jeff Garzik
2005-04-23 23:00 ` Ray Heasman
2005-04-23 23:20 ` Jeff Garzik
2005-04-23 23:46 ` Petr Baudis
2005-04-24 0:35 ` Jeff Garzik
2005-04-24 0:40 ` Petr Baudis
2005-04-24 0:43 ` Jeff Garzik
2005-04-24 21:24 ` Imre Simon
2005-04-24 22:25 ` Jon Seymour [this message]
2005-04-25 23:50 ` Tom Lord
2005-04-26 0:00 ` Petr Baudis
2005-04-24 1:01 ` Ray Heasman
2005-04-24 7:56 ` David Lang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2cfc40320504241525c4153c2@mail.gmail.com \
--to=jon.seymour@gmail.com \
--cc=git@vger.kernel.org \
--cc=imres.g@gmail.com \
--cc=is@ime.usp.br \
--cc=jgarzik@pobox.com \
--cc=jon@zeta.org.au \
--cc=lists@mythral.org \
--cc=pasky@ucw.cz \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).