{LINUX TIPS} MD5 HASHES: VERIFYING THE INTEGRITY OF YOUR FILES

meow · 03-02-2016, 05:50 AM

The idea of checking file integrity via hashing is good, the only thing I have against this thread is the use of MD5.

To anyone reading, I'd recommend SHA-1 hashing over MD5, considering MD5 has significantly greater room for collisions than SHA-1. As of October 15, 2015, there are no publicly known collisions for SHA-1. There have only been theoretical collisions.

roger_smith · 03-02-2016, 01:12 PM

(03-02-2016, 05:50 AM)meow Wrote: The idea of checking file integrity via hashing is good, the only thing I have against this thread is the use of MD5.

To anyone reading, I'd recommend SHA-1 hashing over MD5, considering MD5 has significantly greater room for collisions than SHA-1. As of October 15, 2015, there are no publicly known collisions for SHA-1. There have only been theoretical collisions.

All of this is true. See my response to Sans.

I'll make a follow up to this thread about why sha1 = more better

Sans · 03-02-2016, 07:42 PM

https://www.schneier.com/blog/archives/2...sis_o.html
> 2005
> It's time for us all to migrate away from SHA-1.
> Bruce Schneier, the Chuck Norris of crypto

roger_smith · 03-03-2016, 12:39 AM

(03-02-2016, 07:42 PM)Sans Wrote: https://www.schneier.com/blog/archives/2...sis_o.html
> 2005
> It's time for us all to migrate away from SHA-1.
> Bruce Schneier, the Chuck Norris of crypto

Quote:How to check if your ISO is compromised?

If you still have the ISO file, check its MD5 signature with the command “md5sum yourfile.iso” (where yourfile.iso is the name of the ISO).

The valid signatures are below:

6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso
If you still have the burnt DVD or USB stick, boot a computer or a virtual machine offline (turn off your router if in doubt) with it and let it load the live session.

Once in the live session, if there is a file in /var/lib/man.cy, then this is an infected ISO.

^^ "Clem", the knob that wrote the article on the Linux Mint blog.

While MD5 is broken, it's still widely used for these types of things. Sad state of affairs, certainly, but true none the less Sad

meow · 03-03-2016, 01:38 AM

(03-02-2016, 07:42 PM)Sans Wrote: https://www.schneier.com/blog/archives/2...sis_o.html
> 2005
> It's time for us all to migrate away from SHA-1.
> Bruce Schneier, the Chuck Norris of crypto

> SHA-1 is not collision-free (well duh - anything with a fixed length output is bound to have collisions)
> The electronic world is no less secure after these announcements than it was before
> This attack is completely theoretical and not even remotely practical
...*10 years later*...
> As of October 15, 2015, there are no publicly known collisions for SHA-1

roger_smith · 03-03-2016, 02:56 AM

Interesting bit of info talking about MD5 collisions

http://www.mathstat.dal.ca/~selinger/md5collision/