Re: System integrity...
> On Wed, Jun 16, 1999 at 06:16:28PM +0100, Jules Bean wrote:
> > I'm currently unsubscribed to -policy - I should be resubscribing soon,
> > when my free time increases to that amount needed to follow policy. So
> > apologies if this has been covered before...
> > Doesn't an md5sums file need to have file lengths to work? I
> > understoood that there were known algorithms to produce a new file with
> > a given md5sum, if you can vary the length of the file?
> Not that I know of. md5sums are considered cryptographically secure.
> Perhaps you are thinking of CRC checksums?
AFAIK, Jules is correct: MD5 sums are only cryptographically secure
(and there was a cryptic announcement by RSA which even throws that
into some doubt) if the correct length of the plaintext is also
Julian Gilbey, Dept of Maths, QMW, Univ. of London. J.D.Gilbey@qmw.ac.uk
Debian GNU/Linux Developer, see http://www.debian.org/~jdg