Dominique Devienne wrote:
Would it be feasible to publish instead of just the SHA-1 all, the SHA-1, MD5 and the size of the file.From: Stefan Bodewig [mailto:[EMAIL PROTECTED]
On Wed, 16 Feb 2005, Dominique Devienne <[EMAIL PROTECTED]> wrote:
You mean that the MD5 and SHA-1 digests computed by the JDK-provided
libraries didn't generate the canonical values of these digests?
No, broken as in "sucessfully attacked".
It is possible to create a file that matches the checksum you've created, but is different from the original without using a brute-force algorithm.
The way to attack MD5 turns out to be rather easy while the way to do
it for SHA-1 still involves using a lot of CPU cycles.
But can the forged file with identical MD5 masquerade as the original file, i.e. still be a Zip file, or tar'd gzipped or bzipped file?
Sure, what you describe sounds bad, but I'm trying to figure out (without too much research of my own ;-) if it's a real problem in practice. --DD
Is Modifying a file while fulfilling all of the following conditions: - the file format valid - the size the same - the SHA-1 the same - the MD5 the same - the working of ant not obviously broken practically possible?
And would it be worth the wile to spend that much effort on forging it on the ant distribution (in the release timeframe?)
It seems to me the vurnerability of the ant project is not in the hashes. (so maybe provide more hashes + size)
Martijn
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
