Firewall Wizards mailing list archives
Re: MD5 x SHA-1
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Fri, 06 Dec 2002 17:53:40 -0500
Roberto João Lopes Garcia wrote:
I need to know which is better as a file hash, that is, to see if a file was modified MD5 or SHA-1
In a sense they are equally good. An attacker will almost certainly bypass the hash if possible, by doing os-level file substitution tricks like you'll see in some rootkits. SHA-1 is a better hashing algorithm than MD5, at this time, but I suspect either is far above and beyond what virtually anyone will try to attack, unless you're dealing with absolutely secret squirrel stuff. mjr. --- Marcus J. Ranum http://www.ranum.com Computer and Communications Security mjr () ranum com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- MD5 x SHA-1 Roberto João Lopes Garcia (Dec 06)
- Re: MD5 x SHA-1 Marcus J. Ranum (Dec 06)
- Re: MD5 x SHA-1 John Adams (Dec 06)
- Re: MD5 x SHA-1 Kevin Steves (Dec 07)
- Re: MD5 x SHA-1 John Adams (Dec 07)
- Re: MD5 x SHA-1 Kevin Steves (Dec 07)
- RE: MD5 x SHA-1 Brian A Kee (Dec 06)
- RE: MD5 x SHA-1 Bill Royds (Dec 07)
- Re: MD5 x SHA-1 Adam Shostack (Dec 07)
- RE: MD5 x SHA-1 Bill Royds (Dec 07)