[Novalug] linux update security?

DonJr djr1952@hotpop.com
Mon Jan 14 21:42:43 EST 2008


On Mon, 2008-01-14 at 20:00 -0500, Nino Pereira wrote:
> Clayton Graham wrote:
> > Mark Smith wrote:
> >>> but I have also heard that two different files can produce
> >>> the same hash result, so a hacker can tweak run the md5 hash until
> >>> they find a variant that produces the same md5, even though the
> >>> content is different.
> >>>     
> >>
> >> no.
> >>
> >>   
> > Ummm, actually, yes. A simple way to think about it; an md5 hash is 128 
> > bits long, so there are 2^128 different md5 hashes,  and 2^128 is
> also the number of different 16-byte files.
> 
> But this is only theoretical, very, very theoretical. 2^128 is an
> such an enormously large number, about 10^(128/3) or 10^40, that
> you can't fit these files on all the hard disks in the world by a
> long shot. In a 1 Tb drive you have 10^15 bits or bytes (it hardly
> matters: an order of magnitude is nothing, like in some astronomical
> estimates), so it holds maybe 10^15 files. You need 10^25 of these
> large drives to store all these files before 2 of them give the
> same hash, or are the same. That's 10^15 of these enormous drives
> for every man, woman and child in the whole world, all 10 billion
> of them. One stack of these drives, for each person, would reach
> beyond the Sun.
> 
> The 10^25 drives easily cover the whole earth. I calculate you
> need 10^17 of them for a single laer, so you have a layer of
> 100 million thick that stretches beyond the atmosphere (100 km).
> 
> So, I'd say the md5 hash is pretty secure.
> 
> Nino

I think your number is a little off.

The following is from: http://rfc.net/rfc1321.html  dated:  April 1992

 4. Summary

   The MD5 message-digest algorithm is simple to implement, and provides
   a "fingerprint" or message digest of a message of arbitrary length.
   It is conjectured that the difficulty of coming up with two messages
   having the same message digest is on the order of 2^64 operations,
   and that the difficulty of coming up with any message having a given
   message digest is on the order of 2^128 operations. The MD5 algorithm
   has been carefully scrutinized for weaknesses. It is, however, a
   relatively new algorithm and further security analysis is of course
   justified, as is the case with any new proposal of this sort.



While 2^64 and 2^128 are large, there not as large as you tried to make
them out as.

  2 to the 64 is only 18,446,744,073,709,551,616
  2 to the 128 is       3.402823669e+38    {that's a lot of zeros}

 Although the current National debit is only: $ 5,513,791,535,398
   <http://zfacts.com/p/461.html>

-- DonJr






More information about the Novalug mailing list