[OT] Micro$oft versus security

Simon 'corecode' Schubert corecode at fs.ei.tum.de
Thu Sep 22 03:26:43 PDT 2005


Erik Wikström wrote:
>> Anyone here agree that MD5 and SHA1 are 'weak' crypto?  Any other
>> thoughts about the subject?
>
> I would not say that MD5 and SHA1 are weak, but considering that some
> companies run the same version of a MS-product for ages and considering
> the reports of attacks against them, it might be a good idea. For some
> things though, such as integrity-checks (of non-critical data) they will
> still work fine (I still use CRC32).

First of all, MD5 and SHA1 are not crypto.  They are strong one-way
hashes, i.e. it's hard to find data which results in the same hash.

Nevertheless they have been broken recently (about one year ago) and for MD5
for example single bits can be changed.  That doesn't seem much, but 
it's a step in the direction "you can't trust that if a file matches its 
MD5 it hasn't been tampered with".

CRC32 was never designed for this kind of tampering protection.  It's 
merely a system to discover bit errors while transmitting small amounts of data.

cheers
  simon
--
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low $$$ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \
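
The difference the message above draws between an error-detecting code and a tamper-evident check, as an added example that is not part of the original post: CRC32 notices a flipped bit, but its new value can be computed from the old checksum and the change alone, while a keyed HMAC-SHA256 tag (this example's choice of primitive) cannot be recomputed without the key. The sample data, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed sample data and key, for illustration only.
ORIGINAL = b"release-1.2.tar.gz size=48213 ok"
KEY = b"constructed-demo-key-not-a-real-secret"


def crc32(data: bytes) -> int:
    return zlib.crc32(data) & 0xFFFFFFFF


def flip_bit(data: bytes, bit: int) -> bytes:
    """Return a copy of data with one bit inverted (a simulated change)."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def predicted_crc(crc_before: int, delta: bytes) -> int:
    """CRC32 is affine over GF(2): for equal-length inputs,
    crc(a ^ d) == crc(a) ^ crc(d) ^ crc(zeros).
    The new checksum follows from the old one and the change alone."""
    return crc_before ^ crc32(delta) ^ crc32(bytes(len(delta)))


def make_tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def verify_tag(key: bytes, data: bytes, tag: bytes) -> bool:
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(make_tag(key, data), tag)


TAMPERED = flip_bit(ORIGINAL, 13)
DELTA = xor_bytes(ORIGINAL, TAMPERED)

if __name__ == "__main__":
    print("CRC32 notices the flipped bit:", crc32(ORIGINAL) != crc32(TAMPERED))
    print("New CRC32 predictable without the data:",
          predicted_crc(crc32(ORIGINAL), DELTA) == crc32(TAMPERED))
    tag = make_tag(KEY, ORIGINAL)
    print("HMAC accepts original:", verify_tag(KEY, ORIGINAL, tag))
    print("HMAC accepts modified:", verify_tag(KEY, TAMPERED, tag))
```

A checksum stored next to the data with no key only protects against accidental corruption; whoever can change the data can also update the checksum.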



