On Tue, 28 Apr 2009, Steve Freegard wrote:

John Hardin wrote:
On Tue, 28 Apr 2009, Steve Freegard wrote:

To reduce the likelihood of collisions then it's better to add the input
string length at the end of the md5 like ClamAV does in its MD5 sigs
e.g.

s...@laptop-smf:~$ perl -MDigest::MD5 -e '$email="s...@fsg.com"; print
Digest::MD5::md5_hex($email).length($email).".emailbl.org\n"'
c18782f8d94595d5e016e3ab9ab3f8f610.emailbl.org

This also has the benefit of making it impossible to reverse the list
if the spammer were to rsync the list.

...huh? If MD5 isn't cryptographically secure, how will adding some
extra characters onto the end make it stronger?

Well in the case of an emailBL - the worst that can happen is that one
listed md5 collides with an innocent e-mail address.

I get that. That's a reasonable counter to hash collisions.

I suppose I should ask, what do you mean by a spammer "reversing the list"?

And there's no way to keep a spammer from checking to see if a given
email address is listed, just as there's no way to keep them from
checking whether a given domain name is listed.

Ok - you're right. It's late here ;-)

Sleep well! :)

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Theraputic Phrenologist - send email for affordable rate schedule.
-----------------------------------------------------------------------
 96 days since Obama's inauguration and still no unicorn!
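
The naming scheme and the membership check discussed in this thread, as an added Python example that is not code from either poster. It builds the md5-plus-length lookup name from the Perl one-liner, parses it back, and shows that a copy of the hashed list cannot be read off directly but still answers "is this address listed?" for any address the holder already has. The helper names and sample addresses are constructed, and using the byte length for the suffix is an assumption.

```python
import hashlib
import re

ZONE = "emailbl.org"  # zone used in the thread's one-liner

def lookup_name(email, zone=ZONE):
    """md5_hex(email) + length(email) + '.' + zone, as in the Perl one-liner."""
    raw = email.encode("utf-8")  # assumption: the suffix is the byte length
    return "%s%d.%s" % (hashlib.md5(raw).hexdigest(), len(raw), zone)

# An MD5 hex digest is always 32 characters, so the decimal length that
# follows it can be split off without a separator.
_LABEL = re.compile(r"^([0-9a-f]{32})(\d+)$")

def split_label(name):
    """Return (digest, length) from the left-most label of a lookup name."""
    m = _LABEL.match(name.split(".", 1)[0])
    if m is None:
        raise ValueError("not an md5+length label: %r" % name)
    return m.group(1), int(m.group(2))

def listed_candidates(published, candidates, zone=ZONE):
    """Addresses from `candidates` whose lookup name appears in `published`.

    Someone holding a copy of the zone sees only digests and lengths, but
    any address they already know can be hashed and tested the same way a
    mail filter tests it.
    """
    published = set(published)
    return [c for c in candidates if lookup_name(c, zone) in published]

# Constructed sample data, not taken from the thread.
SAMPLE_LISTED = ["phish-drop@mail.example", "refund-desk@mail.example"]
SAMPLE_ZONE_COPY = [lookup_name(a) for a in SAMPLE_LISTED]
SAMPLE_GUESSES = ["alice@mail.example", "refund-desk@mail.example",
                  "bob@mail.example"]

if __name__ == "__main__":
    for name in SAMPLE_ZONE_COPY:
        print(name, split_label(name))
    print(listed_candidates(SAMPLE_ZONE_COPY, SAMPLE_GUESSES))
```
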
