[Esip-preserve] On Earth Science Data File Uniqueness
Brian Duggan
brian.duggan at nasa.gov
Wed Feb 16 10:44:53 EST 2011
On Wed, Feb 16, 2011 at 07:10:25AM -0600, Curt Tilmes wrote:
> On 02/15/11 08:29, Bruce Barkstrom wrote:
> > As a minor note, I believe both MD5 and SHA-1 are believed to be
> > "broken" (or "slightly flawed") cryptographic digests. This means
> > that there might be some way for someone to forge IDs. Don't know
> > that there have been any successful uses of the vulnerability - but
> > most cryptographers would probably think that was just a matter of
> > time.
>
> Indeed --
> http://en.wikipedia.org/wiki/MD5#Security
> http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
>
> I haven't done a huge amount of research on those, but my
> understanding is that each of the published attacks compromise
> cryptographic uses like non-repudiation, since they allow a malicious
> agent to change the content in such a way that the digital signature
> is still the same.
They are collision attacks, not pre-image attacks. An agent/man-
in-the-middle changing content without changing the hash would be
a pre-image attack.
<http://tools.ietf.org/html/rfc4270>
"2.1. Currently Known Attacks
All the currently known practical or almost-practical attacks on MD5
and SHA-1 are collision attacks. This is fortunate: significant
first- and second-preimage attacks on a hash algorithm would be much
more devastating in the real world than collision attacks, as
described later in this document."
Brian
More information about the Esip-preserve
mailing list