MD5 and SHA cracked/broken...

Paul Rubin http
Mon Sep 13 05:11:11 CEST 2004

Sam Holden <sholden at> writes:
> Creating a collision between a "useful" file which people can
> examine and use and a "trojan" file which does "bad things" is
> significantly more difficult than creating two files whose
> MD5 sums collide but whose contents are essentially "random".

Of course it's not.  Just have a block of random-looking data
somewhere in the file, like in a bitmap image or something.  Who's
going to notice, if the bitmap doesn't actually get displayed?

More information about the Python-list mailing list