From: “Perry E. Metzger” <perry@imsi.com>
To: fnerd@smds.com (FutureNerd Steve Witham)
Message Hash: bdfff5506630334e5b83c609496143810026973f7fedd7959389e92f08dd9078
Message ID: <9405252055.AA04974@snark.imsi.com>
Reply To: <9405252005.AA16279@smds.com>
UTC Datetime: 1994-05-25 20:56:45 UTC
Raw Date: Wed, 25 May 94 13:56:45 PDT
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 25 May 94 13:56:45 PDT
To: fnerd@smds.com (FutureNerd Steve Witham)
Subject: Re: Orthogonal Checksums?
In-Reply-To: <9405252005.AA16279@smds.com>
Message-ID: <9405252055.AA04974@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain
FutureNerd Steve Witham says:
> I've looked it up in Schneier. There doesn't seem to be
> anything about this exact situation; will the following work?
>
> Alice makes a 128-bit random string and asks Bob to take the
> MD5 of the file with her random string prepended. This is
> impossible for Bob to compute without the file. Right?
>
> Alice, however, can precompute as many of these as she wants
> (as long as she keeps them secret) so she doesn't have to
> actually keep the file.
Sounds like it should work. The one provisio that I would make is that
if you want to have the hashes work for years, you have to accept the
fact that MD5 will become weaker and weaker as years wear on. I trust
it today, but I'm not sure its good to trust it to last ten or fifteen
years...
Perry
Return to May 1994
Return to ““Perry E. Metzger” <perry@imsi.com>”