Re: md5 collision



matt_left_coast <not@xxxxxxxxxx> writes:

>Unruh wrote:

>> matt_left_coast <not@xxxxxxxxxx> writes:
>>
>>>Unruh wrote:
>>
>>>> matt_left_coast <not@xxxxxxxxxx> writes:
>>>>
>>>>>Peter Pearson wrote:
>>>>
>>>>>> matt_left_coast wrote:
>>>>>>
>>>>>>> Unruh wrote:
>>>>>>>
>>>>>>>>>When dealing with the first case, you create the first of the two
>>>>>>>>>files, then the file IS known. Then you would be dealing with the
>>>>>>>>>second case.
>>>>>>>>
>>>>>>>> But you have to create them together. You cannot create one and then
>>>>>>>> make another which has the same md5.
>>>>>>>
>>>>>>> Exact process, please.
>>>>>>
>>>>>> The logic here escapes me. Unruh appears to be claiming that
>>>>>> you cannot do something ("cannot create one and then make
>>>>>> another which has the same md5"), and matt_left_coast appears
>>>>>> to be asserting that Unruh should support that claim by
>>>>>> detailing how to do something. You cannot show that something
>>>>>> is impossible by showing how to do something. If
>>>>>> matt_left_coast wishes to claim that one can find a preimage
>>>>>> to a given hash, it's up to him to specify how.
>>>>>>
>>>>>> A recent paper on md5 attacks is "Improved Collision Attack on MD5"
>>>>>> by Yu Sasaki, Yusuke Naito, Noboru Kunihiro, and Kazuo Ohta,
>>>>>> available at http://eprint.iacr.org/2005/400.pdf. The procedure
>>>>>> is outlined in section 3.4. While the details are not essential
>>>>>> to this discussion, the alert reader will note that the attack
>>>>>> does *not* produce a preimage for a given hash, but rather produces
>>>>>> a pair of messages whose hashes match. Unruh is quite right.
>>>>>>
>>>>
>>>>>Are the two files useful for ANYTHING? What are you going to do, put up
>>>>>one of the files for download and swap it for the other? Yeah, you can
>>>>>generate virtually random files that have the same MD5 value but what is
>>>>>the use? It is a meaningless exercise in mental masturbation. Other than
>>>>>to prove it can be done, what use is it? Can you come up with a truly
>>>>>useful "attack" that could be based on this?
>>>>
>>>> No. The two files can contain some random parts, but that can be hidden
>>>> in many file formats. Ie, it is easy to create two different word files
>>>> which have some random junk in the file area which is not used by word
>>>> to create the text such that the two files have the same md5 hash.
>>>>
>>
>>>In other words, two meaningless files. There is no reason to do this other
>>>than to prove it can be done.
>>
>>>>
>>>>
>>>>>Quite frankly, people worried about the MD5 thing are nuts, the
>>>>>likelyhood that 2 legitimate files exist in any place where it could be
>>>>>an issue is so ridiculously remote and other issues so much more
>>>>>important that it is probably not worth the effort devoted to this
>>>>>discussion.
>>>>
>>>> No it is not. It is now easy for a crook to have you give you one
>>>> document, and then produce another with entirely different text but with
>>>> exactly the same MD5 hash which is what he claims he signed.
>>
>>>But you said " One cannot create a second file with the same md5 hash as
>>>a given file." Here you are saying it would be EASY! Get your stories
>>>straight.
>>
>> GEt your reading straight. I said you cannot create a second file with the
>> same md5 hash as a GIVEN file. What is easy is to create two files with
>> the same md5 hash.
>> He gives you one, but uses the other.

>Nope, you stated that he gives me the file "and then produce another".
>Re-read what you said. The way you wrote it he produces the second file
>AFTER he gave me the first. Get your facts straight.

What I had said three times before and assumed that your attention span was
long enough to remember was that those two were prepared AT THE SAME TIME.
Yes, he "produced", made manifest, brought to light, used, the other AFTER
the first had been signed. Of course he would not give you both at the same
time. I assume a fraud artist has at least a minimal level of competence,
unlike some netnews posters.




>A comparison of the two prove fraud, not smart.

>--


.



Relevant Pages

  • Re: md5 collision
    ... It is a meaningless exercise in mental masturbation. ... >> exactly the same MD5 hash which is what he claims he signed. ... GEt your reading straight. ... I said you cannot create a second file with the ...
    (comp.os.linux.security)
  • Re: md5 collision
    ... >| same md5 hash as a given file. ... other "I agree to pay you $1000" afterwards, ... and that junk could be hidden in the huge amount to junk that Word for ... >| One cannot create a second file with the same md5 hash as a given ...
    (comp.os.linux.security)
  • Re: md5 collision
    ... >>Unruh wrote: ... >>> to create the text such that the two files have the same md5 hash. ... > GEt your reading straight. ... I said you cannot create a second file with the ...
    (comp.os.linux.security)
  • Re: md5 collision
    ... >>| same md5 hash as a given file. ... >>| One cannot create a second file with the same md5 hash as a given ... it has been found out that it is relatively easy (or at least ... >If you just have the md5 hash, it is still relatively hard to generate ...
    (comp.os.linux.security)
  • Re: md5 collision
    ... >| b)One cannot create collisions. ... >| same md5 hash as a given file. ... >| One cannot create a second file with the same md5 hash as a given ... it has been found out that it is relatively easy (or at least ...
    (comp.os.linux.security)