RE: CRC32 vd MD5

From: John Howie (JHowieat_private)
Date: Sat Jan 04 2003 - 15:34:08 PST

Next message: Valdis.Kletnieksat_private: "Re: unable to mount fs for forensics"

Previous message: Aaron Cheek: "Re: CRC32 vd MD5"
Maybe in reply to: adminat_private: "CRC32 vd MD5"
Next in thread: andrea.glorioso@binary-only.com: "Re: CRC32 vd MD5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jamie,

A 32-bit CRC does not exhibit collision resistance; its result space is
too small to be considered safe. The CRC32 algorithm is not considered
safe, either.

MD5 and SHA1 are more 'secure'. MD5 generates a 128-bit hash and SHA1 a
160-bit hash. SHA1 is part of the Digital Signature Standard (DSS). The
goal of these algorithms was to make it near-impossible to have matching
hashes for two different inputs.

On reading the court documents you provided links to, it shows that the
FBI labs used MD5 to verify the integrity of the SafeBack images. So,
although SafeBack generates an insecure value, the authenticity of the
images was verified.

John

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Valdis.Kletnieksat_private: "Re: unable to mount fs for forensics"
Previous message: Aaron Cheek: "Re: CRC32 vd MD5"
Maybe in reply to: adminat_private: "CRC32 vd MD5"
Next in thread: andrea.glorioso@binary-only.com: "Re: CRC32 vd MD5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jan 05 2003 - 15:42:40 PST