Three Tier Oracle Security in London ~ Paul M. Wright

(nix, oracle, java, www, cloud ) intersect (safety, security, reliability, integrity)


MD5 and SHA1 for high security checksums

The checksum can be computed with the MD5 algorithm. For high-security purposes it is preferable to check integrity using both MD5 and SHA1, because collisions in MD5 allow two files with differing content to have the same checksum: http://www.doxpara.com/md5_someday.pdf

Also, by using a tool called stripwire (http://www.doxpara.com/stripwire-1.1.tar.gz) it is possible for an attacker to control the content of a malicious collision. Using both MD5 and SHA1 checksums, dual collisions become all but impossible. FCIV will create both checksums when given the -both flag.

http://support.microsoft.com/kb/841290

    C:\evidence>dir
    17/03/2007  17:48    <DIR>          .
    17/03/2007  17:48    <DIR>          ..
    17/03/2007  17:48         5,251,072 USERS01.DBF
                   1 File(s)      5,251,072 bytes
                   2 Dir(s)   6,233,526,272 bytes free

    C:\evidence>fciv -both users01.dbf
    // File Checksum Integrity Verifier version 2.05.
    MD5                              SHA-1
    -------------------------------------------------------------------------
    8db69198f8b69d4a2bae93431538763d 28cb496d2c588cad674dde918a1f5095cb50744b users01.dbf

(On *NIX the md5sum utility can be used in place of fciv).
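The dual-checksum check described above can also be scripted so that a recorded `fciv -both` line is re-verified later against the evidence copy. This is an added example, not code from the original post: the function names and the `sample.dbf` file are assumptions, and the sample file is constructed.

```python
import hashlib
import os
import re
import tempfile

# Matches one result line of `fciv -both`: "<md5> <sha1> <filename>"
FCIV_LINE = re.compile(r"^([0-9a-f]{32})\s+([0-9a-f]{40})\s+(.+)$", re.I)

def dual_digest(path, chunk_size=1 << 20):
    """Read the file once and return (md5_hex, sha1_hex)."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha1.update(chunk)
    return md5.hexdigest(), sha1.hexdigest()

def parse_fciv_line(line):
    """Split a recorded fciv -both line into (md5, sha1, filename)."""
    m = FCIV_LINE.match(line.strip())
    if not m:
        raise ValueError("not an fciv -both result line: %r" % line)
    return m.group(1).lower(), m.group(2).lower(), m.group(3)

def verify(recorded_line, directory):
    """Return per-algorithm results; 'ok' is True only if both match."""
    want_md5, want_sha1, name = parse_fciv_line(recorded_line)
    got_md5, got_sha1 = dual_digest(os.path.join(directory, name))
    result = {"md5": got_md5 == want_md5, "sha1": got_sha1 == want_sha1}
    result["ok"] = result["md5"] and result["sha1"]
    return result

def demo():
    """Constructed sample: a 3-byte file standing in for an evidence copy."""
    recorded = ("900150983cd24fb0d6963f7d28e17f72 "
                "a9993e364706816aba3e25717850c26c9cd0d89d sample.dbf")
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample.dbf")
        with open(path, "wb") as fh:
            fh.write(b"abc")
        intact = verify(recorded, d)
        with open(path, "ab") as fh:  # simulate a change made after hashing
            fh.write(b"\x00")
        altered = verify(recorded, d)
    return intact, altered

if __name__ == "__main__":
    print(demo())
```

Reporting the two algorithms separately matters: a copy that matches on MD5 but not on SHA-1 is the collision case the post warns about, and is treated here as a failure.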
