On Sat, 03 Aug 2013, Ondřej Surý wrote: > [IANACryptoguy] As far as I understand the MD5 attacks the length doesn't > matter. You just need to pick the package big enough to hold your evil > content and the "filling" which you use to compute the same MD5 (e.g. > collision vulnerability). I think that the lengths of the files do not add > enough bits.
For length to make a sucessfull collision attack considerably harder, your signature must include the length, i.e. it should be something like "hash, length", not just the hash. I.e. you need to know the length of the original message/data somehow, not just its hash. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130803173235.gc10...@khazad-dum.debian.net
