war story: parallel(1) command

James Knott james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Tue Jul 30 15:13:54 UTC 2013


Eric B wrote:
> ne would think that MD5 is good enough,
> but because it is cryptographically broken, you could find collisions
> that were legitimately generated and not adversarial.
> For example, you might unpack something related to hashes, and it
> contains examples of two different files with duplicate MD5 hashes.

Why is this an issue?  Collisions will often happen with hashes.  It
simply means if you have a hash collision, you have to do additional
test, such as comparing actual files.  Comparing hashes and then
comparing files that have the same hash is a lot less work than
comparing each and every file.  Also, what does being broken have to do
with this?  The hashes are only used to test file uniqueness, not
provide security.

--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list