LinuxQuestions.org
Old 08-09-2008, 11:38 AM   #1
DeepSeaNautilus
Member
 
Registered: Jul 2008
Posts: 65

Rep: Reputation: 15
Help with MD5 and SHA1 signatures


I know what the md5 signature is, how to get it and what it is used for, but what is the difference between sha1 and md5 signatures, and which one is the best to use? Thanks.

Last edited by DeepSeaNautilus; 08-09-2008 at 12:34 PM.
 
Old 08-09-2008, 12:43 PM   #2
amani
Senior Member
 
Registered: Jul 2006
Location: Kolkata, India
Distribution: Debian 64-bit GNU/Linux, Kubuntu64, Fedora QA, Slackware,
Posts: 2,766

Rep: Reputation: Disabled
RTFM for differences. sha1 is better in practice. But there are other sha*

You can always get the md5 signature with md5sum
You can compare it with a correct signature too

#info md5sum
#info sha1sum
 
Old 08-09-2008, 03:38 PM   #3
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379
Quote:
Originally Posted by DeepSeaNautilus View Post
I know what the md5 signature is, how to get it and what it is used for, but what is the difference between sha1 and md5 signatures, and which one is the best to use? Thanks.
There's tons of papers on both MD5 and SHA-1 all over the Web. Both hash functions have (as one would expect) received lots of attention from cryptanalysts. If you do a bit of research, you will find that both of them have their weaknesses. Generally speaking, MD5 is considered a lot weaker than SHA-1, due to the much smaller amount of computation necessary to find a collision. But why limit yourself to MD5 and SHA-1? You can pick something from the SHA-2 series if you are looking for something which is considered stronger. What are you planning on using the hashes for?
 
Old 08-10-2008, 11:03 PM   #4
DeepSeaNautilus
Member
 
Registered: Jul 2008
Posts: 65

Original Poster
Rep: Reputation: 15
Integrity Application

Quote:
Originally Posted by win32sux View Post
There's tons of papers on both MD5 and SHA-1 all over the Web. Both hash functions have (as one would expect) received lots of attention from cryptanalysts. If you do a bit of research, you will find that both of them have their weaknesses. Generally speaking, MD5 is considered a lot weaker than SHA-1, due to the much smaller amount of computation necessary to find a collision. But why limit yourself to MD5 and SHA-1? You can pick something from the SHA-2 series if you are looking for something which is considered stronger. What are you planning on using the hashes for?
Well, my girlfriend has to make an application to check the integrity of several unix filesystems and she asked me for help. The parameters of the analysis are based on md5, sha1 signatures and the inode and size of the files. But it's really interesting and especially useful to know there's something stronger than md5 and sha1. Thanks
 
Old 08-11-2008, 02:02 PM   #5
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379
Quote:
Originally Posted by DeepSeaNautilus View Post
Well, my girlfriend has to make an application to check the integrity of several unix filesystems and she asked me for help. The parameters of the analysis are based on md5, sha1 signatures and the inode and size of the files. But it's really interesting and especially useful to know there's something stronger than md5 and sha1. Thanks
No problem, happy to help. BTW, keep in mind that using both is way better than using just one. In fact, the more hash functions you run your files through, the lesser the chance of a collision being found which would trick your integrity checker. For example, if probability of collision in foo is 0.000001 and probability of collision in bar is 0.000000001, then probability of a collision affecting them both should be 0.000000000000001 (the product of both probabilities). By using three or more different hashes the odds get even better. Tell your girlfriend to look at the source code for Tripwire and/or AIDE to get an idea of good hashes to use for this application, as well as other characteristics she can look for aside from inodes and file sizes.
 
Old 08-11-2008, 03:33 PM   #6
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
For instance, TLSv1 uses both MD5 and SHA1 (XOR'd, IIRC) to give it some future-proofing in case one of those algorithms is broken.
 
Old 08-11-2008, 10:51 PM   #7
DeepSeaNautilus
Member
 
Registered: Jul 2008
Posts: 65

Original Poster
Rep: Reputation: 15
Attributes

Quote:
Originally Posted by win32sux View Post
No problem, happy to help. BTW, keep in mind that using both is way better than using just one. In fact, the more hash functions you run your files through, the lesser the chance of a collision being found which would trick your integrity checker. For example, if probability of collision in foo is 0.000001 and probability of collision in bar is 0.000000001, then probability of a collision affecting them both should be 0.000000000000001 (the product of both probabilities). By using three or more different hashes the odds get even better. Tell your girlfriend to look at the source code for Tripwire and/or AIDE to get an idea of good hashes to use for this application, as well as other characteristics she can look for aside from inodes and file sizes.
Thanks, I told my girl to look at Tripwire and AIDE commands.
I have made several scripts to solve the problem I commented on before. One of them is called atributes and it's called like this:
atributes file
it gives the following output:
md5 signature:sha1 signature:inode:size:file
This way I can check both md5 and sha1 signatures as you suggested. I can later on add other more advanced signatures as fields to perform a better integrity validation.
Thanks again

Last edited by DeepSeaNautilus; 08-11-2008 at 10:52 PM.
 
  

