•  
      request #8103 A broken hash function is used to check the integrity of a file
    Infos
    #8103
    Thomas Gerbet (tgerbet)
    2015-05-27 16:53
    2015-05-27 16:53
    8126
    Details
    A broken hash function is used to check the integrity of a file
    Properties of collision and preimage resistance are broken with MD5. It is quite easy to generate two files with the same MD5 hash.
    A cryptographic hash function must be used instead. A hash function from the SHA-2 family or SHA-3 are good candidates.

    References:
    http://merlot.usc.edu/csac-f06/papers/Wang05a.pdf
    http://www.mathstat.dal.ca/~selinger/md5collision/
    http://natmchugh.blogspot.fr/2014/10/how-i-created-two-images-with-same-md5.html
    Delivery/File release system
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Verified
    Empty
    Attachments
    Empty
    References
    References list is empty