

Hash collisions. Two different docs and same MD5 hash value - carlos
http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/

======
tptacek
(1) This is very old news.

(2) If you are using MD5 OR SHA1 directly in any way, you almost certainly
have systems problems that are much scarier than Xiaoyun Wang's attack.

If you're doing things right, this stuff shouldn't make any difference.

------
sohail
I am not a PS guru. All of that is gibberish to me. I think this is what is
going on:

1) There is a single source file foo.ps

2) Since PS is interpreted, there is a statement like:
if(filename=="recommendation.ps") { show_recommendation(); }
else { show_give_security_clearance(); }

This attack will work no matter what hash you use because it uses social
engineering (i.e., laziness - no one looks inside their PS files).

I think so anyway...

~~~
sohail
Just RTFA'd. Their attack is much more involved than I describe. However, it
should be trivial to do the same thing for an OpenOffice document or Word
document. Maybe I will try it...

------
phaedrus
I'm taking a computer forensics class, and the professor is an active
policeman who does computer forensics. They make a lot of use of hashes in
computer forensics - they use hashes to determine if evidence has been
tampered with. He's spoken about this - he's aware of the possibility of hash
collisions, but he does not believe anyone could practically use them in a
real attack.

------
maurycy
In other news, Roman Empire collapsed.

