On Tue, Apr 19, 2005 at 06:48:57PM -0400, C. Scott Ananian wrote:
On Tue, 19 Apr 2005, David Meybohm wrote:
But doesn't this require assuming the distribution of MD5 is uniform,
and don't the papers finding collisions in less show it's not? So, your
birthday-argument for calculating the
On Tue, 19 Apr 2005, David Meybohm wrote:
But doesn't this require assuming the distribution of MD5 is uniform,
and don't the papers finding collisions in less show it's not? So, your
birthday-argument for calculating the probability wouldn't apply, because
it rests on the assumption MD5 is
[trimmed cc list, nobody wants to read this noise]
On Sat, Apr 16, 2005 at 11:35:39PM +0200, Brian O'Mahoney wrote:
(1) I _have_ seen real-life collisions with MD5, in the context of
Document management systems containing ~10^6 ms-WORD documents.
Dude! You could have been *famous*!
On Mon, 18 Apr 2005, Andy Isaacson wrote:
If you had actual evidence of a collision, I'd love to see it - even if
it's just the equivalent of
% md5 foo
d3b07384d113edec49eaa6238ad5ff00 foo
% md5 bar
d3b07384d113edec49eaa6238ad5ff00 bar
% cmp foo bar
foo bar differ: byte 25, line 1
%
But in the
* David Lang [EMAIL PROTECTED] wrote:
this issue was raised a few days ago in the context of someone
tampering with the files and it was decided that the extra checks were
good enough to prevent this (at least for now), but what about
accidental collisions?
if I am understanding things
Three points:
(1) I _have_ seen real-life collisions with MD5, in the context of
Document management systems containing ~10^6 ms-WORD documents.
(2) The HMAC (ethernet-harware-address) of any interface _should_
help to make a unique Id.
(3) While I havn't looked at the details of the
Dear diary, on Sat, Apr 16, 2005 at 04:58:15PM CEST, I got a letter
where C. Scott Ananian [EMAIL PROTECTED] told me that...
On Sat, 16 Apr 2005, Brian O'Mahoney wrote:
(1) I _have_ seen real-life collisions with MD5, in the context of
Document management systems containing ~10^6 ms-WORD
2005 10:58:15 -0400 (EDT)
From: C. Scott Ananian [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: David Lang [EMAIL PROTECTED], Ingo Molnar [EMAIL PROTECTED],
git@vger.kernel.org
Subject: Re: SHA1 hash safety
On Sat, 16 Apr 2005, Brian O'Mahoney wrote:
(1) I _have_ seen real-life collisions with MD5
what I'm talking about is the chance that somewhere, sometime there will
be two different documents that end up with the same hash
I have vastly greater chance of a file colliding due to hardware or
software glitch than a random message digest collision of two legitimate
documents.
I've lost
sysadmins realize that there are an infinante number of files that map to
Sysadmins know that there are an infinite ways for their
systems to crap out, and try to cover for the ones that
there is a snow balls chance in Hades of them seeing in
their lifetime.
--
I won't rest
Hi!
We've already computed the chances of a random pure hash collision
with SHA1 - it's something like an average of 1 collision every
10 billion years if we have 10,000 coders generating 1 new file
version every minute, non-stop, 24 hours a day, 365 days a year.
GIT is safe even for the
Brian == Brian O'Mahoney [EMAIL PROTECTED] writes:
Brian (1) I _have_ seen real-life collisions with MD5, in the context
Brian of Document management systems containing ~10^6 ms-WORD
Brian documents.
Was this whole-document based, or was it blocked or otherwise chunked?
I'm wondering,
but the chance of any collision at all wigs me out.
Guess you're just going to get wigged out then.
--
I won't rest till it's the best ...
Programmer, Linux Scalability
Paul Jackson [EMAIL PROTECTED] 1.650.933.1373,
1.925.600.0401
-
To
Paul Jackson wrote:
what I'm talking about is the chance that somewhere, sometime there will
be two different documents that end up with the same hash
I have vastly greater chance of a file colliding due to hardware or
software glitch than a random message digest collision of two legitimate
I have nothing further to contribute to this subtopic.
Good luck with it.
--
I won't rest till it's the best ...
Programmer, Linux Scalability
Paul Jackson [EMAIL PROTECTED] 1.650.933.1373,
1.925.600.0401
-
To unsubscribe from this list:
15 matches
Mail list logo
