Hash and salt collision

Question

I remember a guy telling me that if I let him change 4 bytes he can make a file have any checksum he wants (CRC-32).

I heard mention of salting a hash. I am wonderin

Answer 1

Adding salt to your hash function doesn't really serve any purpose if the digest function has been compromised, because the salt will have to be made public to be used, and the attacker can adjust their file to factor this in too.

The solution to this problem is to use a secure hash function. MD5 has shown to be vulnerable to hash collision, but I believe SHA-1 has not (so far).