Strict Standards: Declaration of Walker_Comment::start_lvl() should be compatible with Walker::start_lvl(&$output) in /home/drkaos/kaos.to/blog/wp-includes/comment-template.php on line 0

Strict Standards: Declaration of Walker_Comment::end_lvl() should be compatible with Walker::end_lvl(&$output) in /home/drkaos/kaos.to/blog/wp-includes/comment-template.php on line 0

Strict Standards: Declaration of Walker_Comment::start_el() should be compatible with Walker::start_el(&$output) in /home/drkaos/kaos.to/blog/wp-includes/comment-template.php on line 0

Strict Standards: Declaration of Walker_Comment::end_el() should be compatible with Walker::end_el(&$output) in /home/drkaos/kaos.to/blog/wp-includes/comment-template.php on line 0

Strict Standards: Redefining already defined constructor for class WP_Dependencies in /home/drkaos/kaos.to/blog/wp-includes/class.wp-dependencies.php on line 31

Strict Standards: Redefining already defined constructor for class WP_Http in /home/drkaos/kaos.to/blog/wp-includes/http.php on line 61

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/drkaos/kaos.to/blog/wp-includes/comment-template.php:0) in /home/drkaos/kaos.to/blog/wp-content/plugins/wordpress-automatic-upgrade/wordpress-automatic-upgrade.php on line 121

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/drkaos/kaos.to/blog/wp-includes/comment-template.php:0) in /home/drkaos/kaos.to/blog/wp-content/plugins/wordpress-automatic-upgrade/wordpress-automatic-upgrade.php on line 121

Strict Standards: Redefining already defined constructor for class ftp_base in /home/drkaos/kaos.to/blog/wp-content/plugins/wordpress-automatic-upgrade/lib/ftp_class.php on line 56

Strict Standards: Redefining already defined constructor for class ftp in /home/drkaos/kaos.to/blog/wp-content/plugins/wordpress-automatic-upgrade/lib/ftp_class_sockets.php on line 8

Strict Standards: Redefining already defined constructor for class WP_Dependencies in /home/drkaos/kaos.to/blog/wp-content/plugins/wordpress-support/wordpress-support.php(10) : runtime-created function(1) : eval()'d code(1) : eval()'d code on line 1
MD5 in Head-on Collision | kaos.theory: fractal blog

MD5 in Head-on Collision

Via Schneier:

Two researchers from the Institute for Cryptology and IT-Security have generated PostScript files with identical MD5-sums but entirely different (but meaningful!) content.

Ok, so this really is a pretty amazing demonstration of MD5 collision, as it uses two PostScript files (both available for download) which render two vastly different documents but both produce the same MD5 hash. Scary.

In this example, however, note that the files used are PostScript files, and as one commenter at Schneier’s page suggests:

The drawback of this attack is that the proof of bad intent lies within both documents. That is your “evil” content exists within the “innocent” document and vice versa, so that if the documented is opened in a text editor you can realize what is going on.

The overview by Magnus Daum and Stefan Lucks is very good and I highly recommend that you pull down their example files and see this firsthand.

Share and Enjoy:
  • Technorati
  • Digg
  • del.icio.us
  • Facebook
  • TwitThis
  • Slashdot
  • StumbleUpon
  • Google
  • Pownce
  • Reddit
  • Fark
  • Ma.gnolia

Leave a Reply

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/web site in attribution.