in reply to Re: Re: How safe is truncating an MD5 digest string?
in thread How safe is truncating an MD5 digest string?

Are you saying that given a size and a target CRC checksum other than zero, it's easy to compose a message of length size that produces the target checksum?

Making a small change to the data, including changing one bit, should produce a totally different checksum, since that's what it was designed to do in the first place.

—John

Tweaking CRCs
by no_slogan (Deacon) on Sep 13, 2001 at 01:42 UTC
    Are you saying that given a size and a target CRC checksum other than zero, it's easy to compose a message of length size that produces the target checksum?
    Yes.

    Also, if you know the CRC of some data, you can calculate the CRC of "data xor something", even if you don't know what the data was!

    use String::CRC32;
    # given $crc == crc32($data)
    $crc2 = $crc ^ crc32($diff) ^ crc32("\0" x length($diff));
    # now, $crc2 == crc32($data ^ $pad.$diff)
    # where $pad = "\0" x (length($data) - length($diff))
      So, although it's good at finding accidental mutations to data, it's quite easy to contrive a change that produces a given checksum.

      It seems to me that for any hash function, if you only have 2**32 different fingerprints, you can find something by brute force.
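
The XOR relation from the reply above, checked in Python with the standard `zlib.crc32` instead of Perl's String::CRC32, next to HMAC-SHA256, where the same relation does not hold. This is an added example, not part of the original thread; the helper names, key and sample data are constructed for illustration.

```python
import hashlib
import hmac
import zlib


def predict_crc_after_xor(crc: int, diff: bytes) -> int:
    """CRC-32 of (data XOR zero-padded diff), from crc32(data) alone.

    diff is aligned to the END of the data, like $pad.$diff in the post.
    """
    return crc ^ zlib.crc32(diff) ^ zlib.crc32(bytes(len(diff)))


def xor_tail(data: bytes, diff: bytes) -> bytes:
    """XOR diff into the last len(diff) bytes of data."""
    if len(diff) > len(data):
        raise ValueError("diff is longer than data")
    head = len(data) - len(diff)
    return data[:head] + bytes(a ^ b for a, b in zip(data[head:], diff))


def crc_relation_holds(data: bytes, diff: bytes) -> bool:
    """True if the predicted CRC matches the CRC of the modified data."""
    predicted = predict_crc_after_xor(zlib.crc32(data), diff)
    return predicted == zlib.crc32(xor_tail(data, diff))


def hmac_relation_holds(key: bytes, data: bytes, diff: bytes) -> bool:
    """Try the same XOR relation on HMAC-SHA256 tags (a keyed MAC)."""
    def tag(msg: bytes) -> bytes:
        return hmac.new(key, msg, hashlib.sha256).digest()

    parts = (tag(data), tag(diff), tag(bytes(len(diff))))
    predicted = bytes(a ^ b ^ c for a, b, c in zip(*parts))
    return hmac.compare_digest(predicted, tag(xor_tail(data, diff)))


if __name__ == "__main__":
    data = b"The quick brown fox jumps over the lazy dog"  # constructed sample
    diff = b"\x01\x02\x03"                                 # constructed sample
    key = b"constructed-demo-key"                          # constructed sample
    print("CRC-32 relation holds:     ", crc_relation_holds(data, diff))
    print("HMAC-SHA256 relation holds:", hmac_relation_holds(key, data, diff))
```

CRC-32 is affine over XOR, so it catches accidental corruption but gives no protection against deliberate modification; a keyed MAC is the appropriate tool when the data may be altered on purpose.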