On Mon, 12 Jul 2004, Tor Slettnes wrote:
>
> I still have to say that I don't completely agree. For someone to be
> able to deduct your SECRET from a "${hash_N:SECRET=<string>}" (where N
> is smaller than the length of "SECRET=<string>"), they would need:
> - samples of several different signatures - in other words - they
> would have to solicit or gather mail that you sent to several different
> recipients.
> - a pretty good understanding of Exim's ${hash..} function
They don't need to deduce the secret itself, just something that allows
them to forge a hash. Exim's hash function is very very easy to forge. In
particular note that each character of the input string only affects one
character of the output in a very simple manner, whereas in a
cryptographic hash each bit of the input will affect about 50% of the
entire output in a very complicated manner.
Tony.
--
f.a.n.finch <dot@???>
http://dotat.at/
NORTH FORELAND TO SELSEY BILL: WEST TO NORTHWEST 2 OR 3 BECOMING VARIABLE 2
THEN SOUTHWEST 3 OR 4. FAIR AT FIRST, BUT TURNING MISTY WITH PATCHY RAIN OR
DRIZZLE AND A RISK OF FOG PATCHES. MODERATE OR GOOD BECOMING MODERATE OR POOR
WITH A RISK OF FOG PATCHES. SLIGHT.
