by aljarry
896 days ago
> It's broken in an adversarial situation: given the hash of evidence-file A, it's possible to construct a file B that gives the same hash.

No, that's a second preimage attack. MD5 is safe against preimage & second preimage attacks. What MD5 is not safe against is a collision attack: you can create two messages/files with different content that end up having the same hash.

So to exploit the vulnerability, you have to be able to manipulate file A, the original piece of evidence, to construct a file B that has a matching hash. I still fail to see how this impacts files submitted to a court in evidence.
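
The distinction drawn in the comments above, as an added example that is not part of either post: it runs the two generic searches against MD5 truncated to 20 bits (a constructed toy size, chosen so both finish in seconds) and counts the attempts each needs. It shows only the generic cost gap between the two attack models, not the MD5-specific collision technique; the message strings and function names are assumptions made for the illustration.

```python
import hashlib
from itertools import count

BITS = 20  # assumption: toy digest size; real MD5 output is 128 bits


def toy_hash(data: bytes) -> int:
    """MD5 truncated to its top BITS bits (constructed toy, not MD5's real strength)."""
    return int.from_bytes(hashlib.md5(data).digest(), "big") >> (128 - BITS)


def find_collision():
    """Collision: the searcher chooses BOTH messages.
    Birthday search, roughly 2**(BITS/2) attempts."""
    seen = {}
    for i in count():
        msg = b"draft-%d" % i
        h = toy_hash(msg)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg


def find_second_preimage(fixed: bytes):
    """Second preimage: message A is fixed by someone else.
    Plain brute force, roughly 2**BITS attempts."""
    target = toy_hash(fixed)
    for i in count():
        msg = b"other-%d" % i
        if msg != fixed and toy_hash(msg) == target:
            return msg, i + 1


if __name__ == "__main__":
    a, b, n_coll = find_collision()
    print(f"collision:       {a!r} / {b!r} after {n_coll} attempts")

    evidence = b"evidence-file-A (constructed sample)"
    m, n_pre = find_second_preimage(evidence)
    print(f"second preimage: {m!r} after {n_pre} attempts")
    print(f"generic estimates: 2^{BITS // 2} vs 2^{BITS}")
```
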