Hacker News new | past | comments | ask | show | jobs | submit login

Note: correct me if I’m wrong, but to be relevant to this theorem and definition of sensitivity, the two strings would have to be for the same circuit and therefore be the same length, which is much harder than finding hash collisions in general.

And I thought they had ways to construct hash functions so that all the inputs of the same length have a different output?




> And I thought they had ways to construct hash functions so that all the inputs of the same length have a different output?

That's trivially impossible for fixed-size hashes, by the pigeon hole principle.


Sorry, I meant all inputs whose length equals the output length.

The point being, for at least that case you can guarantee a sensitivity of one bit.


Not if the output is longer than the input, such as for passwords


I doubt any study of hash functions restricts itself to studying a very tiny subset of all possible (infinite) inputs. The security of hash functions is always studied under the assumption of arbitrary inputs.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: