Reply to post: Re: md5?

Linux Mint hacked: Malware-infected ISOs linked from official site

Anonymous Coward
Anonymous Coward

Re: md5?

> Because although it's relatively easy to locate collisions with MD5, it's still tricky to perform a preimage attack against an MD5 hash

Not *that* hard. You could do it in 2008 in about 3 days with a lab of 200 Playstation 3's:

http://www.win.tue.nl/hashclash/rogue-ca/

These days you can probably do it on EC2 with a bunch of GPU instances and spot pricing.

> many repos also offer SHA1 hashes as a secondary method, and it would be a computationally astronomical feat to be able to succesfully second-preimage attack an ISO that has BOTH an MD5 AND an SHA1 hash.

SHA1 has not been broken in this way (yet) - so surely this should be the primary method, not the secondary. Better still, just use SHA256, as there are indications SHA1 is also close to compromise.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020