Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?
On Sat, 03 Aug 2013, Ondřej Surý wrote:
> [IANACryptoguy] As far as I understand the MD5 attacks the length doesn't
> matter. You just need to pick the package big enough to hold your evil
> content and the "filling" which you use to compute the same MD5 (e.g.
> collision vulnerability). I think that the lengths of the files do not add
> enough bits.
For length to make a sucessfull collision attack considerably harder, your
signature must include the length, i.e. it should be something like "hash,
length", not just the hash. I.e. you need to know the length of the
original message/data somehow, not just its hash.
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot