Hash and salt collision

前端 未结 4 1286
半阙折子戏
半阙折子戏 2021-01-13 08:21

I remember a guy telling me that if I let him change 4 bytes he can make a file have any checksum he wants (CRC-32).

I heard mention of salting a hash. I am wonderin

4条回答
  •  时光说笑
    2021-01-13 08:58

    Adding salt to your hash function doesn't really serve any purpose if the digest function has been compromised, because the salt will have to be made public to be used, and the attacker can adjust their file to factor this in too.

    The solution to this problem is to use a secure hash function. MD5 has shown to be vulnerable to hash collision, but I believe SHA-1 has not (so far).

提交回复
热议问题