Re: hash functions Re: OVC - I "really" need your help with "public disclosure" legislative suggestion

From: Charlie Strauss <cems_at_earthlink_dot_net>
Date: Mon Nov 27 2006 - 18:58:25 CST

Heres' a couple articles. The important feature is that attack
requires cooperation from the victim in the sense that there needs to
be a large mutable region the attacker can modify without changing
the length of the document. So if don't cooperate and are not
stupid, you can avoid this attack.

On Nov 27, 2006, at 3:05 PM, Joseph Lorenzo Hall wrote:

> On 11/27/06, Karl Auerbach <> wrote:
>> Edmund R. Kennedy wrote:
>>> Crypographic hash functions are said to be a pretty effective
>>> way to
>>> detect tampering with program code.
>> There are a few quite innocent things that occur during routine
>> transfers
>> that work havoc on checksums - line ending sequences, tab
>> expansions, and
>> end-of-line whitespace pruning.
>> These can be handled (generally by carrying the code around in a
>> bottle of
>> some kind - tar, zip, etc) once one is aware of the issue.
> Also I was unaware that you could design collisions with MD5 or
> versions of SHA hashing. Charlie, could you point to that literature
> for me? It can't be as trivial as designing CRC collisions. best,
> -Joe
> --
> Joseph Lorenzo Hall
> PhD Student, UC Berkeley, School of Information
> <>
> _______________________________________________
> OVC-discuss mailing list

OVC-discuss mailing list
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Thu Nov 30 23:17:13 2006

This archive was generated by hypermail 2.1.8 : Thu Nov 30 2006 - 23:17:19 CST