[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] GNotary
|
From: |
Horst Herb |
|
Subject: |
Re: [Gnumed-devel] GNotary |
|
Date: |
Tue, 30 Aug 2005 22:28:48 +0000 |
|
User-agent: |
KMail/1.7.2 |
On Tue, 30 Aug 2005 17:15, Karsten Hilbert wrote:
> That doesn't make any difference whatsoever.
>
> GNotary is about being able to prove the *integrity* of a
> document not the truthfulness of the content.
It does make a huge difference
With that attack you can equally well have two separate documents a priori -
the principle is that MD5 sequentially processes blocks of data, meaning you
can change just a single block with a collision block, and the whole of the
document will still produce the same hash.
With increasing availability of huge MD5sum databases where you can simply
search for already existing collisions, you can handcraft a collision block
that effectively changes data in a non-detectable way. Still rather difficult
and certainly an effort, but doable.
Horst
- Re: [Gnumed-devel] GNotary, (continued)
- Re: [Gnumed-devel] GNotary, Karsten Hilbert, 2005/08/30
- Re: [Gnumed-devel] GNotary,
Horst Herb <=