Full Disclosure mailing list archives
Re: Re: Case ID 51560370 - Notice of ClaimedInfringement
From: Valdis.Kletnieks () vt edu
Date: Fri, 08 Apr 2005 13:20:08 -0400
On Fri, 08 Apr 2005 12:50:24 EDT, Jason said:
> I think that entirely depends on the format the file is distributed in. You could take a zipfile and pad it in non-critical areas to change the MD5 without creating a substantial difference in the deliverable content. You could do the same with gzip or bzip formatted files. You could also pad any embedded jpeg images to engineer a collision. There are quite a few opportunities where this method could be used to twiddle the new MD5 without materially changing the content.
It's easy to tweak a file and get a different MD5. That's why Tripwire works.
> Software that is ~150M in size, it gets redistributed as a new file that is 160M in size but has a collision with your software which is also 160M in size. I imagine there would be some computational time involved to find the appropriate collision but a lot less computational time than finding a perfect match to the original.
You're missing the point. Let's say we have a file A that's 150M in size, and a file B that's 160M in size. File B is *not* under our control, and has a known fixed MD5 hash. It's easy to take file A, and create 2 files C and D from it that happen to have the same MD5 hash as each other. What is *NOT* easy is creating a file E that has the same hash as A or B.
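The gap between the two tasks in the message above can be measured on a small scale. This is an added example, not part of the original post: it truncates MD5 to 20 bits (an assumption made so both searches finish in seconds) and uses a generic birthday search rather than the cryptanalytic MD5 collision attack. The file contents, `BITS` and all function names are constructed for illustration.

```python
import hashlib
from itertools import count

BITS = 20  # assumption: truncate MD5 to 20 bits so both searches finish quickly

def short_md5(data: bytes) -> int:
    """Top BITS bits of the MD5 digest, standing in for the full 128-bit hash."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - BITS)

def padded(base: bytes, n: int) -> bytes:
    """Append n as 8 bytes of filler, like padding in a non-critical area of an archive."""
    return base + n.to_bytes(8, "big")

def find_collision(base: bytes):
    """We control BOTH outputs: vary the padding until any two variants share a hash."""
    seen = {}
    for n in count():
        h = short_md5(padded(base, n))
        if h in seen:
            return padded(base, seen[h]), padded(base, n), n + 1
        seen[h] = n

def find_second_preimage(base: bytes, target: int):
    """The target hash is fixed: vary the padding until a variant hits that one value."""
    for n in count():
        candidate = padded(base, n)
        if short_md5(candidate) == target:
            return candidate, n + 1

# Constructed stand-ins for files A and B from the message
FILE_A = b"constructed stand-in for file A"
FILE_B = b"constructed stand-in for file B (not under our control)"

def demo():
    c, d, collision_tries = find_collision(FILE_A)
    e, preimage_tries = find_second_preimage(FILE_A, short_md5(FILE_B))
    return c, d, collision_tries, e, preimage_tries

if __name__ == "__main__":
    c, d, ct, e, pt = demo()
    print(f"C and D collide after {ct} hashes (birthday bound is about 2^{BITS // 2})")
    print(f"E matches B's hash after {pt} hashes (expected about 2^{BITS})")
```

At the full 128 bits the same generic searches cost on the order of 2^64 and 2^128 hashes respectively, which is why a verifier holding a fixed, known MD5 for file B is in a different position from one that accepts two files from the same untrusted source.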