Beefy Boxes and Bandwidth Generously Provided by pair Networks kudra
Problems? Is your data what you think it is?
 
PerlMonks  

nitpick

by sleepingsquirrel (Hermit)
on Aug 26, 2004 at 23:57 UTC ( #386206=note: print w/ replies, xml ) Need Help??


in reply to On showing the weakness in the MD5 digest function and getting bitten by scalar context

Yes folks, the person who wrote the original snippet created an array of 128 values, and assigned it to scalar.
Just a minor nitpick, it was the second poster who made the scalar/array context slip. (I'm the guy who posted the first code snippet;). True to my .sig, I didn't post my code until I knew I had the correct answer. In any case, the md5sum of the correct byte streams should be...
79054025255fb1a26e4bc422aef54eb4
As also noted on this page. Just for the heck of it, here's my original code. (and of course you should realize that it uses backticks to run a program called "echo" and "md5sum", hence the unix qualifier)
#!/usr/bin/perl -w use strict; my $v1=<<END_V1; d1 31 dd 02 c5 e6 ee c4 69 3d 9a 06 98 af f9 5c 2f ca b5 87 12 46 7e ab 40 04 58 3e b8 fb 7f 89 55 ad 34 06 09 f4 b3 02 83 e4 88 83 25 71 41 5a 08 51 25 e8 f7 cd c9 9f d9 1d bd f2 80 37 3c 5b d8 82 3e 31 56 34 8f 5b ae 6d ac d4 36 c9 19 c6 dd 53 e2 b4 87 da 03 fd 02 39 63 06 d2 48 cd a0 e9 9f 33 42 0f 57 7e e8 ce 54 b6 70 80 a8 0d 1e c6 98 21 bc b6 a8 83 93 96 f9 65 2b 6f f7 2a 70 END_V1 my $v2=<<END_V2; d1 31 dd 02 c5 e6 ee c4 69 3d 9a 06 98 af f9 5c 2f ca b5 07 12 46 7e ab 40 04 58 3e b8 fb 7f 89 55 ad 34 06 09 f4 b3 02 83 e4 88 83 25 f1 41 5a 08 51 25 e8 f7 cd c9 9f d9 1d bd 72 80 37 3c 5b d8 82 3e 31 56 34 8f 5b ae 6d ac d4 36 c9 19 c6 dd 53 e2 34 87 da 03 fd 02 39 63 06 d2 48 cd a0 e9 9f 33 42 0f 57 7e e8 ce 54 b6 70 80 28 0d 1e c6 98 21 bc b6 a8 83 93 96 f9 65 ab 6f f7 2a 70 END_V2 my $p=join("",map {chr(hex($_))} split /\s+/, $v1); my $q=join("",map {chr(hex($_))} split /\s+/, $v2); print `echo -n \'$p\'|md5sum`; print `echo -n \'$q\'|md5sum`;


-- All code is 100% tested and functional unless otherwise noted.


Comment on nitpick
Download Code
Re: nitpick
by dragonchild (Archbishop) on Aug 27, 2004 at 01:32 UTC
    Not having followed the recognization of MD5's weakness(es), it looks as if your two strings differ by the significant bit on the 20th, 30th, etc bytes. That looks like someone mathematically broke MD5. Now, wouldn't SHA-n have a similar problem, but with a much larger sample set? Or, is it because the algorithm took liberties it shouldn't have taken?

    ------
    We are the carpenters and bricklayers of the Information Age.

    Then there are Damian modules.... *sigh* ... that's not about being less-lazy -- that's about being on some really good drugs -- you know, there is no spoon. - flyingmoose

    I shouldn't have to say this, but any code, unless otherwise stated, is untested

      SHA-0 was shown to be weak by a similar technique, as well as a reduced form of SHA-1 (40 rounds instead of 80, IIRC). Since such discoveries tend to promote other deiscoveries along the same lines, there is cause to be distrustful of SHA-1. Don't Panic, but be distrustful.

      Basically, this is a good time to come up with a totally new hash algorithm, since most of the existing ones are based on MD4.

      "There is no shame in being self-taught, only in not trying to learn in the first place." -- Atrus, Myst: The Book of D'ni.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://386206]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (7)
As of 2014-04-19 01:08 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (475 votes), past polls