No doubt. There are a LOT of namby-pamby Chicken Littles running around crying about MD5's weaknesses.
It's a HASH, for crying out loud. It's not meant to be provably perfect at identifying unique data streams.
- It is clear that the MD5 digest cannot be unique for every data stream, since it is potentially far shorter than the original data;
- It is clear that an endless variety of data streams will have the SAME digest, because you can construct pretty much any data stream you want;
- It is clear that some yahoo might even be able to make a couple of "falsified" data streams which produce the same MD5 hash;
- It is clear that the MD5 hash is as mathematically valid as it ever has been, since the algorithm hasn't changed at all.
Say you were expecting message M, with hash H. You instead get message N which also happens to hash to H.
- If you were expecting M to be about 20 MB, what's the chances of N being exactly, or even approximately the same size?
- If you were expecting M to be a tarball or other application data, what's the chances of N being uncompressable or otherwise parsable? That is, the falsified data also happens to conform to the protocol?
- If you were expecting M to be executable, what's the chances of N being executable? That is, no introduction of obviously broken execution flaws?
You're worried about MD5 digests for showing falsification of data, right? Where some attacker alters the message? I contend that it will be pretty darned hard to find a useful attack on a message while maintaining MD5 integrity.
To Allied Commanders:
Raiders Expected on Supply Lines in Sector 5.
Keep on guard.
--HQ
To Allied Commanders:
No Raids Reported on Supply Lines for Sector 5, 6, or 8.
Let Freedom Reign.
--HQ
Until someone shows that you can (1) take any arbitrary data set M, (2) falsify it to data set N, by (3) modifying a limited portion of M in an application-useful way and (4) adding less than a gigabyte of additional data, and (5) still come out with M=>H and N=>H hash equivalence, I'll trust MD5, thanks.
--
[ e d @ h a l l e y . c c ]
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.