1

I have a plain text string "I-like-drawwing", and this string has a SHA512 value, assume the SHA512 is "aabbcc". Then I show SHA512 "aabbcc" to my friend and say: "this is SHA512 for my string, and my string ended with 'ing', I bet $20 that you don’t know my string".

I don't want loose, so I must find another string ended with "ing" and also has the same SHA512 "aabbcc", Can I find that string?

Adrian Self
  • 139
  • 8
Hu Bin
  • 121
  • 4
  • 1
    You should clarify what exactly you mean by "aabbcc". Is it just an example? Because a SHA512 output is 512 bits, how exactly would you encode this to "aabbcc"? Encoding a 512 bit value to 6 alphabetic letters would likely create way more collisions. – AleksanderCH Apr 24 '20 at 09:47
  • 5
    If the question is "can we find two different strings that have common SHA512 hash values", the answer is "no" – poncho Apr 24 '20 at 14:16

1 Answers1

2

What you are describing is a second-preimage attack on SHA-512, and you will find it quite infeasible, requiring an expected $2^{512}$ hash computations.

Now, consider your friend's position.

SHA-512 is a one-way function, and knowing part of the plaintext does not help reverse it to recover the whole plaintext from the hash.

Instead, a brute-force approach is necessary. Your friend will calculate hashes of all possible inputs matching the condition you tell him (ending with "ing"). Once he finds a match, he will conclude that he has found your string.

What does your friend know about your string? Its length? The set of characters you might use? The fact that you posted it on stackexchange? Your best hope is that your friend will not find your string, because if he does, you will be unable to lie and present another string with the same hash.

Adrian Self
  • 139
  • 8