
On Mon, Aug 30, 2004 at 02:33:21PM -0700, Gregory Hicks wrote:
> Actually...
> The "collision" problem discovered means that there might be MULTIPLE 680MB files that give the same checksum.
> Of course, the utility of most of these files would be an exercise left to the 'cracker' if you were looking for an OS patch but ended up with the contents of an encyclopedia.

Actually... None of the demonstrated collisions are in a file approaching anything close to the size of a typical CD. They are only 1024 bit (128 byte) files, and the found collisions only differ from the original by a few bytes.

Finding a collision in a 200+ MB patch file is not terribly useful unless you can actually make the patch do something it shouldn't, or not do something it should. This is computationally expensive in the extreme. And even if you manage to do so, odds are that your file, even if it is both detrimental and a collision in MD5, would not also be a hash collision when hashed with SHA-1, or -256, -512, and the like. I could quite easily avoid this problem by hashing the source file using a few different algorithms and comparing all of those hashes to the received file.

There have been some near collisions (on modified versions of MD5) in existence for several years; the fact that MD5 is not a perfect hashing algorithm is not a surprise.

MD5 is weaker than previously thought, sure. But is this really likely to be a problem for network operators soon? I don't think so, although people should evaluate these risks for themselves.

--msa
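
The check described in the reply above (hash the file with several algorithms and compare every digest), as an added example that is not part of the original thread. The function names and sample bytes are constructed for illustration, and the MD5-only collision is simulated by substituting the published MD5 value, not produced from a real colliding pair.

```python
import hashlib
import hmac
import io

# Algorithms named in the post: MD5 plus SHA-1, SHA-256, SHA-512.
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

def multi_digest(stream, algorithms=ALGORITHMS, chunk_size=1 << 20):
    """Read the stream once and return {algorithm: hex digest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for hasher in hashers.values():
            hasher.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def verify(stream, published):
    """Return (ok, mismatched): ok only if every published digest matches."""
    if not published:
        raise ValueError("no published digests to compare against")
    actual = multi_digest(stream, tuple(published))
    mismatched = sorted(
        name for name, want in published.items()
        if not hmac.compare_digest(actual[name], want.strip().lower())
    )
    return (not mismatched, mismatched)

# Constructed sample data: a stand-in "patch" and a modified copy.
ORIGINAL = b"patch-1.0: apply fix to libexample\n" * 64
TAMPERED = ORIGINAL.replace(b"apply fix", b"skip  fix", 1)

def simulated_md5_collision():
    """Published digests as a receiver would see them if TAMPERED collided
    with ORIGINAL under MD5 only (simulated by swapping in TAMPERED's MD5)."""
    published = multi_digest(io.BytesIO(ORIGINAL))
    published["md5"] = multi_digest(io.BytesIO(TAMPERED), ("md5",))["md5"]
    return published

if __name__ == "__main__":
    print(verify(io.BytesIO(ORIGINAL), multi_digest(io.BytesIO(ORIGINAL))))
    print(verify(io.BytesIO(TAMPERED), simulated_md5_collision()))
```

The published digests have to reach the receiver over a channel the file's sender cannot alter, otherwise comparing more algorithms adds nothing.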