Edit - Cryptography Stack Exchange

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

Rev

11

$\begingroup$ While this is certainly amusingly written, it does miss one point: if the probability of being mauled by a runaway Gorilla is $2^{-60}$, then the probability of being mauled by two runaway Gorillas is not $0.5 \times 2^{-60}$, but $(2^{-60})^2 = 2^{-120}$. Hence, you can't really expect to be mauled by 250000 successive gorillas before you find a collision; however, you are still far more likely to be mauled by one than find a collision. $\endgroup$

poncho
– poncho ♦

2011-11-11 21:49:54 +00:00
Commented Nov 11, 2011 at 21:49
7

$\begingroup$ @poncho: $2^{-60}$ per day. So $2^{-120}$ is the probability of encountering two gorillas the same day. You can view it with a time frame: on average, you will meet a gorilla every $2^{60}$ days. You will get a SHA-256 collision every $2^{76}$ days (there was a mistake in my estimate, so 65000 gorillas, not 250000)(assuming you regenerate the $2^{90}$ 1MB blocks every day). So you really get $2^{16}$ gorillas for every collision -- but not in one go, as a massive gorilla army attack ! (that would be spooky) $\endgroup$

Thomas Pornin
– Thomas Pornin

2011-11-11 22:00:43 +00:00
Commented Nov 11, 2011 at 22:00
3

$\begingroup$ Ah, I missed that point. On the other hand, I was going through the probability that you really will be attacked by a Gorilla that escaped from the zoo: a quick Google shows at least three people who have actually been attacked by Gorilla's escaping from a zoo in the last decade (none severely). That bounds the probability of such an event to about $3/(7000000000 \times 365 \times 10) \approx 2^{-43}$. Hence, finding a collision isn't that much more likely than being attacked by two separate Gorillas in the same day (!) $\endgroup$

poncho
– poncho ♦

2011-11-12 14:39:49 +00:00
Commented Nov 12, 2011 at 14:39
2

$\begingroup$ @Ricky: if we knew how to handcraft data blocks specifically to trigger a SHA-256 collision, with better success than with random blocks, then this would be advertised as a break on SHA-256. No such break is currently known on SHA-256. Current methods for attacking MD5 and SHA-1 appear unlikely to apply to SHA-256 (this has been tried). $\endgroup$

Thomas Pornin
– Thomas Pornin

2011-11-13 14:48:09 +00:00
Commented Nov 13, 2011 at 14:48
7

$\begingroup$ Just remember that gorilla escapes are not necessarily independent events. :-) $\endgroup$

I answer wrong - have fun
– I answer wrong - have fun

2012-12-22 20:03:31 +00:00
Commented Dec 22, 2012 at 20:03

| Show 6 more comments

Correct minor typos or mistakes
Clarify meaning without changing it
Add related resources or links
Always respect the author’s intent
Don’t use edits to reply to the author

create code fences with backticks ` or tildes ~
```
like so
```
add language identifier to highlight code
```python
def function(foo):
print(foo)
```
put returns between paragraphs
for linebreak add 2 spaces at end
_italic_ or **bold**
quote by placing > at start of line
to make links (use https whenever possible)

<https://example.com>

[example](https://example.com)

<a href="https://example.com">example</a>
MathJax equations $\sin^2 \theta$

formatting help »
answering help »

MathJax help »