[183768] in North American Network Operators' Group
Re: Synful Knock questions...
daemon@ATHENA.MIT.EDU (Jake Mertel)
Tue Sep 15 16:37:49 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <14749.1442347281@turing-police.cc.vt.edu>
From: Jake Mertel <jake.mertel@ubiquityhosting.com>
Date: Tue, 15 Sep 2015 13:37:26 -0700
To: Valdis.Kletnieks@vt.edu
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
My apologies, Valdis is indeed correct, I did not mean to suggest that it
would be possible to make modifications in such a way that would result in
an identical checksum. Sorry for the confusion and extra noise.
--
Regards,
Jake Mertel
Ubiquity Hosting
*Web: *https://www.ubiquityhosting.com
*Phone (direct): *1-480-478-1510
*Mail:* 5350 East High Street, Suite 300, Phoenix, AZ 85054
On Tue, Sep 15, 2015 at 1:01 PM, <Valdis.Kletnieks@vt.edu> wrote:
> On Tue, 15 Sep 2015 11:54:30 -0700, Jake Mertel said:
> > Indeed -- While there are methods that can be used to "pack" a file so
> that
> > it collides with a desirable checksum, that would be nearly impossible to
> > do in this scenario.
>
> Small clarification here.
>
> There are known methods to easily produce two files that have the same MD5
> hash, but you have no control over the checksum.
>
> There are not (to my knowledge) ways to tweak a file to produce a specified
> MD5 hash. MD5 is broken, but not *that* broken (yet). Feel free to point
> me at papers if it's been done.
>
> There are ways to easily produce a file with a specified
> non-crypto-strength
> hash like a CRC-32.
>
> So it really matters to be clear on what algorithm is used for the
> checksum/hash.
>
