Shorter checksum than MD5

Elbert Lev elbertlev at hotmail.com
Fri Sep 10 16:56:44 CEST 2004


Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote in message news:<7xllfjfe9m.fsf at ruckus.brouhaha.com>...
...snip

>Also, with CRC32,
> it's very easy to create a record on purpose that has any given
> checksum.  Is THAT a problem?  For example, it means that if someone
> can change the price of an article, he can choose a new price so that
> the record will have the same checksum as the old price and the change
> won't get noticed.  Could he buy something for $1.00, change the price
> to $11.73 or something, then return the item and get an $11.73 refund
> because you didn't notice the update?

Really? If this is "very easy" please modify the string to have the same CRC32:

"The probability of the changed dada having the same CRC32  is 1/2**32"

crc32 =  de6acdf9

To make the task even easier, I will not give you the "salt" value :)



More information about the Python-list mailing list