> > In the following two pdf files: > >http://notablecases.vaed.uscourts.gov/1:01-cr-00455/docs/68089/0.pdf >http://notablecases.vaed.uscourts.gov/1:01-cr-00455/docs/68092/0.pdf So you are reading Cryptome.org ? >related to the case of USA vs Zacarias Moussaoui, there is some >discussion of the use >of CRC32 instead of MD5 to provide verification that a hard disk has been imaged >correctly. In this particular case the later use of MD5 would seem to confirm the accurate >imaging of the disks in question but in general does the use of CRC32 during (and after) >the imaging process really make any further checking with MD5 redundant? I did not read the case papers yet, so my answering may not be in the right context of this case. In my experience a lot of "forensic investigators" are using hashing mechanisms in a wrong way. A disadvantage of digital evidence is that is very easy to manipulate with. To detect if this has happened one can use hashing functions. But calculating a hash while imaging, writing this down, and two months later showing that the hash hasn't changed proves totally nothing. If the hash has not been given to a trusted third party (or timestamping/signing service) manipulating the digital evidence is as hard as filling out a new form with the new hashvalue. In the first PDF you mentioned, I found this paragraph: --- 11. There are a number of commonly accepted hash formulae and methods of "running" hashes in the computer forensic community, including the following: the Cyclical Redundancy Checksum (CRC), the Secure Hash Algorithm Version 1 (SHA-1), and the Message Digest Sum, Version 5 (MD5). Currently, CART techniques incorporate CRC and md5sum hashing methods. --- In my opinion CRC, SHA-1 and MD5 should not be referred to as one and the same type of hasing. For error detecting CRC codes are fine. To make sure disks haven't been manipulated with, only real cryptographic one way hash functions should be used. >Furthermore, would it be realistically possible to change data in an >image whose >authenticity is based solely on CRC32 value(s) without changing the values in question, >and thereby arousing suspicion? Yes, this is actually quite easy. Not only because the "hash-value" is too short, but CRC32 algorithm was not designed as a one-way hash. MD5 (and SHA-1) have the special property that is not possible to generate a text given a hash-value. To make a text for a given CRC32: 1. write the text you want to match this CRC 2. in this text find 32 words you can find a replacement for which does not change the meaning (eg. I love Holland / I love the Netherlands) 3. write a program that will brute force thru all the 2^32 different texts with same meaning to find one which will give you a match 4. run the program :) Let's make this a long thread, Ronald. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Jan 05 2003 - 15:44:35 PST