Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Computer Forensics Computer-Forensics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: MD5 Collisions and Evidence Integrity

from [Cano, Eduardo] Network Security [Permanent Link]
Subject: RE: MD5 Collisions and Evidence Integrity
Date: Wed, 10 Nov 2004 14:31:21 -0000 

Rob,

Even with the announcement of the MD5 collisions issue, I think we were not 
prepared for such event and we continue to be stock to MD5 and I believe some 
other practices are like parallel hashing with MD5/SHA1.

There are some products that offer this as part of their service and you can 
grab it from here:
http://crossrealm.com/2hash/

Regards

Eduardo


-----Original Message-----
From: Ferrill, Rob [mailto:Rob.Ferrill@healthsouth.com]
Sent: Tuesday, November 09, 2004 1:44 PM
To: forensics@securityfocus.com
Subject: MD5 Collisions and Evidence Integrity

Has anyone stopped using MD5 for hashing evidence files since the
disclosure of collision issues at the Crypto 2004 conference?  There was
some concern raised during a discussion this morning that this may not
be acceptable in court cases anymore to prove evidence integrity.

Thanks,

Rob


Confidentiality Notice: This e-mail communication and any attachments may 
contain

confidential and privileged information for the use of the designated 
recipients named above. If

you are not the intended recipient, you are hereby notified that you have 
received this

communication in error and that any review, disclosure, dissemination, 
distribution or

copying of it or its contents is prohibited. If you have received this 
communication in

error, please notify me immediately by replying to this message and deleting it 
from your

computer. Thank you.

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com


***************************************************************************************************
The information in this email is confidential and may be legally privileged.  
Access to this email by anyone other than the intended addressee is 
unauthorized.  If you are not the intended recipient of this message, any 
review, disclosure, copying, distribution, retention, or any action taken or 
omitted to be taken in reliance on it is prohibited and may be unlawful.  If 
you are not the intended recipient, please reply to or forward a copy of this 
message to the sender and delete the message, any attachments, and any copies 
thereof from your system.
***************************************************************************************************

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
[More with this subject...]


<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: MD5 Collisions and Evidence Integrity, Richard Rager
Next by Date:  Re: MD5 Collisions and Evidence Integrity, Maarten Van Horenbeeck
Previous by Thread:  Re: MD5 Collisions and Evidence Integrity, Dave Dittrich
Next by Thread:  Re: MD5 Collisions and Evidence Integrity, Maarten Van Horenbeeck
Indexes:  [Date] [Thread] [Top] [All Lists]