[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: computer-go: Authenticating the identity of a remote go-playing computer program

To: computer-go@xxxxxxxxxxxxxxxxx
Subject: Re: computer-go: Authenticating the identity of a remote go-playing computer program
From: David Stafford <david_stafford@xxxxxxxxx>
Date: Wed, 6 Dec 2000 11:56:03 -0800 (PST)
Reply-to: computer-go@xxxxxxxxxxxxxxxxx
Sender: owner-computer-go@xxxxxxxxxxxxxxxxx

I'm afraid I'm stepping into something I'll regret but I don't
want to let this one pass:

> This is complete nonsense.  So I challenge you to create a text
> file or document that matches this checksum using md5:
> 
>   cc07388b323368808343a852538aea42
> 
> You obviously  don't  realize what cryptographically  secure
checksums
> are all about.   THE WHOLE POINT  is that you are  not supposed
 to  be
> able  to  create   a document  that   matches this  checksum, 
> even  a completely nonsense document.
> 
> If  you somehow  manage  to actual do  this,  then you will  be
> richly rewarded with fame (and possibly fortune) in the science
> community.
> 
> I don't  make bets  because I  consider  it a  type  of greed,
> but  in principle I  could make a  whopper of one here, and  my
money
> would be extremely safe.

You might want to research the counting argument for data
compression.  You can find a description of it here:

http://www.landfield.com/faqs/compression-faq/part1/

If one signature could match one and only one file then we would
have a remarkably good compression method (just send the
signature) but it would also violate the counting argument.

Any signature of N bits can only represent, uniquely, a message
of N bits.  For each additional bit added to the message the
signature will represent two more possible messages.  For
example, a 32-bit signature would match a random message with a
probability of one in 4 billion.  Longer signatures result in
smaller probability of a mismatch.  The 128-bit MD5 signature
will match one in 2^128 messages.  That is a very low
probability, for sure, but it doesn't uniquely represent one and
only one message.

-Dave

--- Don Dailey <drd@xxxxxxxxxxxxxxxxx> wrote:
> 
> > Basically, I am going to adjust junk programm sections to
> make the checksum 
> > the same. 
> 
> James,
> 
> This is complete nonsense.  So I challenge you to create a text
> file
> or document that matches this checksum using md5:
> 
>   cc07388b323368808343a852538aea42
> 
> You obviously  don't  realize what cryptographically  secure
> checksums
> are all about.   THE WHOLE POINT  is that you are  not supposed
> to  be
> able  to  create   a document  that   matches this  checksum, 
> even  a
> completely nonsense document.
> 
> If  you somehow  manage  to actual do  this,  then you will  be
> richly
> rewarded with fame (and possibly fortune) in the science
> community.
> 
> I don't  make bets  because I  consider  it a  type  of greed,
> but  in
> principle I  could make a  whopper of one here, and  my money
> would be
> extremely safe.
> 
> Don

__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/

Follow-Ups:
- Re: computer-go: Authenticating the identity of a remote go-playing computer program
  - From: Don Dailey
- Re: computer-go: Authenticating the identity of a remote go-play
  - From: tjohnson

Prev by Date: Re: computer-go: Authenticating the identity of a remote go-playing computer program
Next by Date: Re: computer-go: Authenticating the identity of a remote go-playing computer program
Previous by thread: Re: computer-go: Authenticating the identity of a remote go-playing computer program
Next by thread: Re: computer-go: Authenticating the identity of a remote go-play
Index(es):
- Date
- Thread