Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mstdn.io/users/wolf480pl/statuses/114228535072025340">Wolf480pl (wolf480pl@mstdn.io)'s status on Wednesday, 26-Mar-2025 20:44:18 JST</a><a href="https://mstdn.io/@wolf480pl" title="wolf480pl@mstdn.io"><img src="https://gnusocial.jp/avatar/6007-48-20250211223719.webp" width="48" height="48" alt="Wolf480pl" style="position: absolute; left: 0; top: 0;">Wolf480pl</a><div><a href="https://not.acu.lt/notes/a5tewx1kr0" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/5626" title="ignaloidas@not.acu.lt">Ignas Kiela</a></li></ul></div></section><article><p><a href="https://not.acu.lt/@ignaloidas">@ignaloidas</a> <a href="https://pars.ee/users/lynne">@lynne</a> <br>Why?</p><p>I mean, it's obviously safe in Random Oracle Model, where the only way to learn anything about a hash function's output is to feed it the exact input that produces that output. So knowing some of the bits of the input gives you nothing.</p><p>But Random Oracles don't exist IRL, and there are cryptographic schemes that are secure in Random Oracle Model but insecure with any real hash function.</p><p>So what is SHA-3 then? A collision-resistant function?</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4795411#notice-9393543">In conversation</a><time datetime="2025-03-26T20:44:18+09:00" title="Wednesday, 26-Mar-2025 20:44:18 JST">about 2 months ago</time> <span>from <span><a href="https://mstdn.io/@wolf480pl/114228535072025340" rel="external" title="Sent from mstdn.io via ActivityPub">mstdn.io</a></span></span><a href="https://mstdn.io/@wolf480pl/114228535072025340">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="http://function.So/">http://function.So/</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Wolf480pl (wolf480pl@mstdn.io)'s status on Wednesday, 26-Mar-2025 20:44:18 JSTWolf480pl
in reply to
- Lynne
- Ignas Kiela
@ignaloidas @lynne
Why?
I mean, it's obviously safe in Random Oracle Model, where the only way to learn anything about a hash function's output is to feed it the exact input that produces that output. So knowing some of the bits of the input gives you nothing.
But Random Oracles don't exist IRL, and there are cryptographic schemes that are secure in Random Oracle Model but insecure with any real hash function.
So what is SHA-3 then? A collision-resistant function?
In conversationabout 2 months ago from mstdn.iopermalink
Attachments
1. No result found on File_thumbnail lookup.
  http://function.So/

Public

Embed Notice

HTML Code

Corresponding Notice