Re: MD5 sums of individual files?
On Thu, Mar 29, 2001 at 11:19:24AM -0800, Pat Moffitt wrote:
> It is more than possible. There are people that have figured out how to pad
> a file to make the checksums the same. They don't have to worry about the
> fact that your checksums cannot be changed because they will fake theirs to
> match.
We're talking about MD5 hashes here, not CRC error detection codes. You're
saying that people have broken MD5. If this were true, I would have heard
about it by now!
> This is much more work and would require that the hacker have more
> skills than the regular script kiddy.
AFAIK, this requires a computationally-infeasible amount of work.
Besides, if you pad a file, then the length is wrong. You can check that
too. (Of course, you could just change bytes mid-file, but that is probably
even harder, i.e. still impossible without all the worlds computers and a
lot of time.)
--
#define X(x,y) x##y
Peter Cordes ; e-mail: X(peter@llama.nslug. , ns.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
Reply to: