This is archived content, mostly untouched since 2003. For newer content/updated versions, see netfuture.ch/Publications.
First page Back Continue Last page Overview Text

GOSSIB Operation. GOSSIB. Group Of Strongly SImilar Birthdays. Partial-birthday attack. Single-chunk replacement allowed. … as long as hash still matches. Result. 8 fragments for single. (true) edge. 9 fragments for two fake edges.

Notes:


You probably all know about the birthday paradox. For example, in a group of just 23 people, there is a probability of over half, that two will have the same birthday. In general, about sqrt(N) selections of items out of a group of N distinct items are necessary before the probability of the same item having been drawn twice reaches half.
As you probably know, birthday attacks based on this collision principle are widely used when trying to break cryptographic protocols involving hash functions. Here, we apply a new twist. As the recombination at the victim is not deterministic, we do not require to create full collisions; instead, partial collisions are fine.
Our goal is thus: Find a set of 8 address fragment/hash fragment tuples, where replacing a single fragment still results in a valid hash result.