散列之争,激战正酣

      美国国家标准与技术研究院(NIST)上周公布了入围“美国下一代安全散列标准竞赛”的51个提案。

      这次竞赛的目的是为了寻找一个强大的替代品,来取代现有的散列函数集。因为现有的散列函数集中有些已经显现出比当初设想的要差的加密性。所有的参赛者在十月底之前的时候就向政府提交了他们的提案。这份上周公布的名单中包含了所有达到政府最低标准的参赛者的名单。

      提案上交之后的下一步是:破解其他参赛者的算法。这对每支参赛队来说都是一个找到其他提案中漏洞最好的机会。根据NIST官方网站,51支参赛队中已有3支承认他们的提案中存在弱点。

      散列算法对计算机安全起着举足轻重的作用。如果可以用数字来识别数据,就像用指纹来识别人一样时。散列算法就可以使一个很大的数据文件(比如word文本或邮件)变烦为简为一个小文件。即使源文件只是做了一点点微小的修改,一个好的散列函数仍然可以给出完全不同的结果。从完整性检查到数字签名,很多的加密和安全功能都会用到散列算法。

      研究人员已经发现了实际的对于旧的散列算法(MD4和SHA-0)的攻击。这种攻击展现了产生“碰撞”的能力,即建立两个文件并可以得到相同散列值的方法。举例来说,通过强制产生“碰撞”,攻击者可以创建一个和源文件电子签名匹配的新文件,这样文件看起来是一样,但实际上内容已经做过修改。另外,一些比较新的散列算法(SHA-1)也已经被发现有弱点。但对于现行的安全标准(SHA-2),研究人员到目前为止还没有发现实际的攻击。所以NIST现在不需要为其找到替代品。

      联邦政府将在明年二月底的时候举行一个研讨会来专门讨论这些散列算法的提案。到2010年,NIST的目标是将提案缩减到12个左右,并计划举行第二次研讨会。
 
原文:
Hash contest moves on to mass free-for-all
Published: 2008-12-22

The National Institute of Standards and Technology (NIST) published last week a list of 51 submissions that made the initial cut in the competition to become the next secure hashing standard for the United Stated.

The contest seeks to find a strong replacement for the current family of hash functions, some of which have been shown to be cryptographically weaker than originally thought. The teams first submitted their proposals to the government agency at the end of October. The list, published last week, represents those proposals that satisfied the government baseline criteria.

The next step for the teams behind the submissions: Cracking the other algorithms. The best chance for each team's hashing proposal will be to find flaws in the other submissions. Already, three of the 51 teams have acknowledged that there are weaknesses in their proposal, according to NIST's Web site.

Hash algorithms are very important functions in computer security. The algorithms can reduce a large data file -- such as a Word document or e-mail message -- to a simple, if sometimes long, number that can be used to identify the data, in the same way that fingerprints are used to identify humans. A good hash function gives a completely different result if the original file is changed even slightly. A variety of encryption and security functions use hashes, from integrity checks to digital signatures.

Researchers have found practical attacks against older hash functions known as MD4 and SHA-0, demonstrating the ability to generate "collisions," ways of creating two data files that result in the same hash. By forcing a collision, an attacker could, for example, create a modified version of a contract that appears to match -- according to the hash -- the original digitally-signed document. Some weaknesses have been found in a more recent hashing algorithm, known as SHA-1. And, while no practical attacks have been found against the current secure standard, SHA-2, NIST is not waiting to find a replacement.

The federal agency will host a conference on the proposals at the end of February to discuss the field of hash proposals. By 2010, NIST aims to whittle the field down to a dozen or so contenders, and plans to hold a second conference.
根据题目描述,我们可以设计以下类: 1. 球员类(Player):属性包括编号、姓名、上场时间,方法包括攻击和防守。 2. 教练类(Coach):属性包括编号、姓名,方法包括阵型设置和战术指挥。 3. 比赛类(Match):属性包括球员列表和教练,方法包括统计每个球员的上场时间和比赛过程中的事件。 下面是完整的类设计和测试代码: ```c++ #include <iostream> #include <string> #include <vector> using namespace std; class Player { public: Player(int id, string name) : id(id), name(name), timePlayed(0) {} void attack() { cout << name << " is attacking." << endl; } void defense() { cout << name << " is defending." << endl; } void addTimePlayed(int time) { timePlayed += time; } int getTimePlayed() const { return timePlayed; } private: int id; string name; int timePlayed; }; class Coach { public: Coach(int id, string name) : id(id), name(name) {} void setFormation() { cout << name << " is setting formation." << endl; } void tacticalCommand() { cout << name << " is giving tactical command." << endl; } private: int id; string name; }; class Match { public: Match(vector<Player> players, Coach coach) : players(players), coach(coach) {} void start() { coach.setFormation(); coach.tacticalCommand(); for (Player& player : players) { player.attack(); player.defense(); player.addTimePlayed(90); } } void end() { for (Player& player : players) { cout << player.getTimePlayed() << " minutes played for " << player.getName() << endl; } } private: vector<Player> players; Coach coach; }; int main() { Player p1(1, "Player 1"); Player p2(2, "Player 2"); Player p3(3, "Player 3"); Coach coach(1, "Coach"); vector<Player> players = {p1, p2, p3}; Match match(players, coach); match.start(); match.end(); return 0; } ``` 在上面的代码中,我们定义了三个类:Player、Coach 和 Match,并在 main 函数中进行了测试。我们创建了三个球员实例和一个教练实例,并将它们传递给 Match 类的构造函数。Match 类中的 start 方法用于开始比赛,它会调用所有球员的攻击和防守方法,并将每个球员的上场时间设置为 90 分钟。Match 类中的 end 方法用于结束比赛,它会打印出每个球员的上场时间。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值