LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-10-2012, 08:12 PM   #1
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Slackware, CentOS, Ubuntu, Fedora, Timesys, Linux From Scratch
Posts: 1,777
Blog Entries: 20

Rep: Reputation: 115Reputation: 115
MD5 collision risk


Suppose someone comes up with 2 different data files that would collide in their MD5 hash. What is the chance that for a given arbitrary string, these 2 different data files appended to that string (e.g. the string is first) will also collide in their MD5 hash?

Where this fails:
Code:
diff file1 file2
but these get the same results:
Code:
cat file1 | md5sum
cat file2 | md5sum
what chance for these to get the same results:
Code:
cat filex file1 | md5sum
cat filex file2 | md5sum
or these:
Code:
cat file1 filex | md5sum
cat file2 filex | md5sum
or these:
Code:
cat filex file1 filex | md5sum
cat filex file2 filex | md5sum
or even these:
Code:
cat filex file1 filey | md5sum
cat filex file2 filey | md5sum
The idea here is if you have a system where files are being provided by people, where some suspect you manage the files by MD5 hash, and have an interest in creating a collision, and manage to create a bogus file with the same MD5 hash as another one ... could a secret salt file being added to the file before hashing be expected to reasonably obscure the hashing?
 
Old 11-10-2012, 08:47 PM   #2
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,524
Blog Entries: 27

Rep: Reputation: 1175Reputation: 1175Reputation: 1175Reputation: 1175Reputation: 1175Reputation: 1175Reputation: 1175Reputation: 1175Reputation: 1175
Or you could use both MD5 and SHA1 sums
 
Old 11-11-2012, 08:15 AM   #3
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,778
Blog Entries: 1

Rep: Reputation: 412Reputation: 412Reputation: 412Reputation: 412Reputation: 412
Quote:
where some suspect you manage the files by MD5 hash,
Do you mean you're using the MD5 as a unique identifier for the files?
 
Old 11-11-2012, 01:50 PM   #4
linosaurusroot
Member
 
Registered: Oct 2012
Distribution: OpenSuSE,RHEL,Fedora,OpenBSD
Posts: 742
Blog Entries: 2

Rep: Reputation: 193Reputation: 193
If the additional string is at the end and the original files were a multiple of 512 bits then the collision will still exist.

If you are aiming to use additional (secret) information for message authentication then use HMAC http://www.ietf.org/rfc/rfc2104.txt
 
Old 11-11-2012, 05:53 PM   #5
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Rep: Reputation: 49
Quote:
Originally Posted by linosaurusroot View Post
If the additional string is at the end and the original files were a multiple of 512 bits then the collision will still exist.

If you are aiming to use additional (secret) information for message authentication then use HMAC http://www.ietf.org/rfc/rfc2104.txt
This shouldn't be too hard to verify. Googling "md5 collisions" yields this page:
http://www.mathstat.dal.ca/~selinger/md5collision/

It's got two distinct strings that yield the same MD5 sum. You could try appending a 512-bit string to each and see if the collision happens.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to avoid COLLISION md5 ? jabka Programming 1 07-12-2006 02:05 PM
MD5 Collision Source Code Released primo Linux - Security 7 11-23-2005 08:46 AM
MD5, collision and verification program Mr-TY General 1 11-30-2004 08:59 AM
Will a RISK Processor Run on Linux, PA-RISK 8500 at 400MHz CPU IBNETMAN79 Linux - General 2 03-08-2002 07:09 PM
Will a RISK Processor Run Linux, PA-RISK 8500 CPU IBNETMAN79 Linux - Newbie 1 03-08-2002 06:49 PM


All times are GMT -5. The time now is 06:19 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration