Comment Re:The author lost me at MD5 (Score 1) 375
And here's (http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf) a paper demonstrating a technique for finding MD5 collisions quickly: eight hours on 1.6 GHz computer.
And here's (http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf) a paper demonstrating a technique for finding MD5 collisions quickly: eight hours on 1.6 GHz computer.
There are collisions. It is possible with MD5 to create a hash for two completely different files. Read Schneier's blog.
Incorrect. Read Schneier's blog, which I included in my post. It is broken for file hashing.
From the article:
"MD5 hash values are a cornerstone of computer forensics and fully accepted as evidence that two files are identical copies of each other. You could claim that you didn’t download the song from the file sharing network because you were the one who uploaded it, but I doubt that will help your legal predicament."
The MD5 hash has been known insecure since at least 2005. See: http://www.schneier.com/blog/archives/2005/06/more_md5_collis.html. I seriously doubt any computer forensics expert in 2011 would use MD5 hashes as evidence that two files are identical.
All seems condemned in the long run to approximate a state akin to Gaussian noise. -- James Martin