Firewall Wizards mailing list archives

Re: MD5 x SHA-1

From: "Marcus J. Ranum" <mjr () ranum com>
Date: Fri, 06 Dec 2002 17:53:40 -0500

Roberto João Lopes Garcia wrote:

I need to know  which is better as a file hash, that is, to see if a file was modified

MD5 or SHA-1


In a sense they are equally good. An attacker will almost
certainly bypass the hash if possible, by doing os-level
file substitution tricks like you'll see in some rootkits.

SHA-1 is a better hashing algorithm than MD5, at this time,
but I suspect either is far above and beyond what virtually
anyone will try to attack, unless you're dealing with absolutely
secret squirrel stuff.

mjr. 
---
Marcus J. Ranum                         http://www.ranum.com
Computer and Communications Security    mjr () ranum com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

MD5 x SHA-1 Roberto João Lopes Garcia (Dec 06)
- Re: MD5 x SHA-1 Marcus J. Ranum (Dec 06)
- Re: MD5 x SHA-1 John Adams (Dec 06)
  - Re: MD5 x SHA-1 Kevin Steves (Dec 07)
    - Re: MD5 x SHA-1 John Adams (Dec 07)
- RE: MD5 x SHA-1 Brian A Kee (Dec 06)
  - RE: MD5 x SHA-1 Bill Royds (Dec 07)
    - Re: MD5 x SHA-1 Adam Shostack (Dec 07)