Beefy Boxes and Bandwidth Generously Provided by pair Networks RobOMonk
There's more than one way to do things
 
PerlMonks  

Re^8: On showing the weakness in the MD5 digest function and getting bitten by scalar context

by BrowserUk (Pope)
on Aug 28, 2004 at 23:07 UTC ( #386664=note: print w/ replies, xml ) Need Help??


in reply to Re^7: On showing the weakness in the MD5 digest function and getting bitten by scalar context
in thread On showing the weakness in the MD5 digest function and getting bitten by scalar context

Yes, I think that would work.

A workaround might be quite easy though.

Produce 2 md5s. One from the whole file and another from the file minus 1 byte (first, last or middle). Or make the second md5 just the first half of the file; or from just the 10th, 20th, 30th etc. bytes (or whichever bytes the attack modifies to compromise the md5).

Now the attackers not only have the task of finding a duplicate file with the same md5, they have to produce one that matches two md5s.

Again, my math lets me down, but doesn't that make their job much, *much* harder?

Examine what is said, not who speaks.
"Efficiency is intelligent laziness." -David Dunham
"Think for yourself!" - Abigail
"Memory, processor, disk in that order on the hardware side. Algorithm, algorithm, algorithm on the code side." - tachyon


Comment on Re^8: On showing the weakness in the MD5 digest function and getting bitten by scalar context
Re^9: On showing the weakness in the MD5 digest function and getting bitten by scalar context
by Anonymous Monk on Aug 29, 2004 at 14:52 UTC

    Yes, it's probably possible to come up with a workaround that would allow us to continue using MD5 securely, much like triple DES allows us to keep using DES. Now that there's a good alternative to DES, though (namely AES), there's no reason to keep using triple DES (which is slow). There's already a good alternative to MD5, so there's no reason to kludge up a workaround.

    Note that nobody ever uses double DES. That's because it is vulnerable to a meet-in-the-middle attack. Secure workarounds are hard to design.

[reply]

In Section Meditations

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://386664]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (6)
As of 2013-05-19 06:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best material for plates (tableware) is:









    Results (397 votes), past polls