Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Comment on

( #3333=superdoc: print w/ replies, xml ) Need Help??
No doubt. There are a LOT of namby-pamby Chicken Littles running around crying about MD5's weaknesses.

It's a HASH, for crying out loud. It's not meant to be provably perfect at identifying unique data streams.

  • It is clear that the MD5 digest cannot be unique for every data stream, since it is potentially far shorter than the original data;
  • It is clear that an endless variety of data streams will have the SAME digest, because you can construct pretty much any data stream you want;
  • It is clear that some yahoo might even be able to make a couple of "falsified" data streams which produce the same MD5 hash;
  • It is clear that the MD5 hash is as mathematically valid as it ever has been, since the algorithm hasn't changed at all.

Say you were expecting message M, with hash H. You instead get message N which also happens to hash to H.

  • If you were expecting M to be about 20 MB, what's the chances of N being exactly, or even approximately the same size?
  • If you were expecting M to be a tarball or other application data, what's the chances of N being uncompressable or otherwise parsable? That is, the falsified data also happens to conform to the protocol?
  • If you were expecting M to be executable, what's the chances of N being executable? That is, no introduction of obviously broken execution flaws?

You're worried about MD5 digests for showing falsification of data, right? Where some attacker alters the message? I contend that it will be pretty darned hard to find a useful attack on a message while maintaining MD5 integrity.

To Allied Commanders: Raiders Expected on Supply Lines in Sector 5. Keep on guard. --HQ
To Allied Commanders: No Raids Reported on Supply Lines for Sector 5, 6, or 8. Let Freedom Reign. --HQ

Until someone shows that you can (1) take any arbitrary data set M, (2) falsify it to data set N, by (3) modifying a limited portion of M in an application-useful way and (4) adding less than a gigabyte of additional data, and (5) still come out with M=>H and N=>H hash equivalence, I'll trust MD5, thanks.

--
[ e d @ h a l l e y . c c ]


In reply to Re^2: On showing the weakness in the MD5 digest function and getting bitten by scalar context by halley
in thread On showing the weakness in the MD5 digest function and getting bitten by scalar context by grinder

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • Outside of code tags, you may need to use entities for some characters:
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others exploiting the Monastery: (9)
    As of 2014-08-23 15:59 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      The best computer themed movie is:











      Results (174 votes), past polls