On 2017-06-23, at 06:48, Pew, Curtis G wrote:
> On Jun 22, 2017, at 6:15 PM, Frank Swarbrick wrote:
>>
>> The MD5 is used to verify that the file sent from the mainframe has the same
>> data when received on the interim distributed system. So creating the MD5
>> after its already there does no good.
>
> I will just add 2 points:
>
> 1. If you compute the MD5 hash while the file is still EBCDIC, you will get a
> completely different value than the hash of the ASCII version. Hash
> algorithms work on the binary representation, not the logical meaning.
>
Yes.
> 2. If you’re trying to ensure the data hasn’t been intentionally modified,
> MD5 is nearly useless. If you need a hash for detecting malicious corruption,
> I’d use at least SHA2.
>
Maybe. I have yet to hear of a general preimage attack on MD5; only
cleverly crafted collisions:
https://en.wikipedia.org/wiki/Preimage_attack
But, exercise an abundance of caution.
Are there any prepackaged utilities that will use ICSF to:
o encrypt/decrypt a UNIX file
o generate/validate a hash of a UNIX file
... without resorting to an Assembler (or other language)
programming interface?
When I recommended SuperC over checksum, I neglected that there are
numerous Compare Type and process options that affect the strength
of the comparison. I don't know which give the strictest comparison.
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
