in reply to Re^3: Would Like Recommendation for an SHA256 module
in thread Would Like Recommendation for an SHA256 module

use warnings;
use strict;

use Digest::MD5 qw( md5 );

my $text1 = "\xA6\x64\xEA\xB8\x89\x04\xC2\xAC"
          . "\x48\x43\x41\x0E\x0A\x63\x42\x54"
          . "\x16\x60\x6C\x81\x44\x2D\xD6\x8D"
          . "\x40\x04\x58\x3E\xB8\xFB\x7F\x89"
          . "\x55\xAD\x34\x06\x09\xF4\xB3\x02"
          . "\x83\xE4\x88\x83\x25\x71\x41\x5A"
          . "\x08\x51\x25\xE8\xF7\xCD\xC9\x9F"
          . "\xD9\x1D\xBD\xF2\x80\x37\x3C\x5B"
          . "\x97\x9E\xBD\xB4\x0E\x2A\x6E\x17"
          . "\xA6\x23\x57\x24\xD1\xDF\x41\xB4"
          . "\x46\x73\xF9\x96\xF1\x62\x4A\xDD"
          . "\x10\x29\x31\x67\xD0\x09\xB1\x8F"
          . "\x75\xA7\x7F\x79\x30\xD9\x5C\xEB"
          . "\x02\xE8\xAD\xBA\x7A\xC8\x55\x5C"
          . "\xED\x74\xCA\xDD\x5F\xC9\x93\x6D"
          . "\xB1\x9B\x4A\xD8\x35\xCC\x67\xE3";

my $text2 = "\xA6\x64\xEA\xB8\x89\x04\xC2\xAC"
          . "\x48\x43\x41\x0E\x0A\x63\x42\x54"
          . "\x16\x60\x6C\x01\x44\x2D\xD6\x8D"
          . "\x40\x04\x58\x3E\xB8\xFB\x7F\x89"
          . "\x55\xAD\x34\x06\x09\xF4\xB3\x02"
          . "\x83\xE4\x88\x83\x25\xF1\x41\x5A"
          . "\x08\x51\x25\xE8\xF7\xCD\xC9\x9F"
          . "\xD9\x1D\xBD\x72\x80\x37\x3C\x5B"
          . "\x97\x9E\xBD\xB4\x0E\x2A\x6E\x17"
          . "\xA6\x23\x57\x24\xD1\xDF\x41\xB4"
          . "\x46\x73\xF9\x16\xF1\x62\x4A\xDD"
          . "\x10\x29\x31\x67\xD0\x09\xB1\x8F"
          . "\x75\xA7\x7F\x79\x30\xD9\x5C\xEB"
          . "\x02\xE8\xAD\xBA\x7A\x48\x55\x5C"
          . "\xED\x74\xCA\xDD\x5F\xC9\x93\x6D"
          . "\xB1\x9B\x4A\x58\x35\xCC\x67\xE3";

printf("len text1 %s len text2\n", length($text1) == length($text2) ? +'==' : '!=');
printf("text1 %s text2\n", $text1 eq $text2 ? +'eq' : 'ne');
printf("md5 text1 %s md5 text2\n", md5($text1) eq md5($text2) ? +'eq' : 'ne');

outputs

len text1 == len text2
text1 ne text2
md5 text1 eq md5 text2

Finding the collision took 8 hours using a notebook PC (Intel Pentium 1.6 GHz). That's minutes on a strong computer. Reference

Re^5: Would Like Recommendation for an SHA256 module
by syphilis (Archbishop) on Aug 02, 2006 at 00:35 UTC
    Finding the collision took 8 hours using a notebook PC (Intel Pentium 1.6 GHz)

    Heh ... I wondered as I wrote whether I would end up with the ol' egg facial treatment. (If you hadn't provided the link, I would have assumed that collision was something you whipped up all by yourself :-)

    Of course that doesn't demonstrate that a string (of a specific length) that hashes to a given digest can be found readily - which would be the OP's main concern. But, with the progress that is being made in the breaking of MD5, I think I might refrain from making any more rash assertions.

    Thanks, ikegami, for the heads up.

    Cheers,
    Rob
      Fortunately for me, you asked the wrong question. Finding two strings with the same hash is a problem entirely different from the one of finding a string that hashes to a given hash. You really wanted the latter. I don't think MD5 has been broken with regards to the second problem, but attacks only get better. That's why it's time to move on to something more reliable.
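
An added example, not code from the thread: it rebuilds the colliding pair posted above from `$text1` plus six single-bit flips, then compares MD5 with SHA-256 (via the core Digest::SHA module) on the pair as posted, with a shared suffix, and with a shared prefix. It goes beyond the original post in the suffix and prefix cases; `compare`, `@flipped`, `$suffix` and `$prefix` are names and sample values constructed for this illustration.

```perl
use strict;
use warnings;
use Digest::MD5 qw( md5_hex );
use Digest::SHA qw( sha256_hex );

# $text1 from the post above, as hex (128 bytes = two 64-byte MD5 blocks).
my $text1 = pack 'H*', join '', qw(
    A664EAB88904C2AC 4843410E0A634254
    16606C81442DD68D 4004583EB8FB7F89
    55AD340609F4B302 83E488832571415A
    085125E8F7CDC99F D91DBDF280373C5B
    979EBDB40E2A6E17 A6235724D1DF41B4
    4673F996F1624ADD 10293167D009B18F
    75A77F7930D95CEB 02E8ADBA7AC8555C
    ED74CADD5FC9936D B19B4AD835CC67E3
);

# $text2 in the post differs from $text1 only in the top bit of six bytes.
my @flipped = ( 19, 45, 59, 83, 109, 123 );
my $text2   = $text1;
substr( $text2, $_, 1 ) ^= "\x80" for @flipped;

# Report whether two messages agree under each digest.
sub compare {
    my ( $label, $m1, $m2 ) = @_;
    my $md5 = md5_hex($m1)    eq md5_hex($m2)    ? 'eq' : 'ne';
    my $sha = sha256_hex($m1) eq sha256_hex($m2) ? 'eq' : 'ne';
    printf "%-16s md5 %s  sha256 %s\n", $label, $md5, $sha;
    return ( $md5, $sha );
}

# Constructed sample data, not from the thread.
my $suffix = "any shared trailing data\n";
my $prefix = 'P' x 64;    # one full block placed before the pair

compare( 'pair as posted', $text1, $text2 );

# Both messages end on a block boundary with the same internal MD5 state,
# so any shared suffix yields another MD5 collision.
compare( 'shared suffix', $text1 . $suffix, $text2 . $suffix );

# A shared prefix changes the state the two blocks were crafted for.
compare( 'shared prefix', $prefix . $text1, $prefix . $text2 );
```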