Yeah, sounds all right. I'll definitely keep an eye on your site. It's promising, for sure!
All the best for your site (I of course did sign up for your newsletter)!
Doc Jekill aka Jens
2hash - parrallel md5, sha1 hashing
I created this a while back, before the md5 collisions were found, for just this type of reason… It just took me a while to get around to publishing it. You can get the source code and binaries at the address above. Give it a test run and let me know what you think…
T
Thanks for that, Thomas, and welcome to Forensic Focus. Perhaps you'd like to add a link in our downloads section?
Kind regards,
Jamie
I have read some issues relating to this topic on other boards. The inference being that its the end of the world for all forensic examinations that rely on MD5 hash verification (for example EnCase), due to this research by Chinese mathematicians. To my knowledge the MD5 verified data in question is 'steamed' data, or data transmitted in a packet down a wire.
To cut a long story short, I will begin to worry when someone can alter an EnCase evidence file by one bit and manage to product an identical MD5 hash value 8)
Andy
Hi all,
When I read about this my first thoughts were MD6 won't be long. But the reality, as I see it is this. Two files were manufactured to have the same MD5, this is totally different to encountering two files which by chance have the same MD5. It would be like saying that simply because a scientist can clone a cell in a test tube, that all DNA evidence is no longer valid.
However, although I think we can rely upon the MD5 for the considerable future, I think where we do have to be careful is how we word this reliance in our evidence. It is afterall just probability, and anything is possible.
Just my 2 pennies worth
John
I don't see an MD6 coming down the line. The author of MD5 discourages the use MD5 since 1996 (!) and suggests using SHA-1 instead. While the collision attacks presented this summer don't make MD5 completely unusable for forensic purposes i suggest avoiding it wherever possible.
Lawyer How did you ensure nobody tampered with the evidence?
Whitness I used cryptographic hashes!
L which?
W MD5
L Isn't MD5 broken by Chinese scientists [waves the crypto paper] so you can't trust it anymore?
W [Long winding explanation why you still trust the evidence]
L So you claim that MD5 is still secure. Then can you explain me why the inventor of MD5 since 1996 discourages the use of MD5 and the scientific community considers MD5 broken? [waving news articles on that topic]
W …
Hi mdornseif I get your point, but I feel you are in danger of making a mountain out of a molehill. Most FC practitioners use either EnCase or FTK, so we are kind of stuck with MD5 (at least for the time being).
The fact is that if an EnCase, FTK or even Linux DD file is tampered with by only one bit, the MD5 hash values will drastically differ. Representatives of GSI are prepared to travel and defend their product in any court if necessary.
Yes it is possible to attack the MD5 algorithm and break it, but this is something done with a 200 KB stream of data (or that is my understanding of it) and something used with cryptography of data streams, and done on powerful computers over time. Also there is only a small number of people in the world who may be able to accomplish this task.
I have seen a post by somebody on the Guidance/EnCase bbs relating to a method of altering 6 very specific file offsets in a .txt file, which results in the same MD5 hash. He describes it as a parlor trick. In order for an investigator or suspect to alter original evidence in any 'meaningful way' (i.e to fit up someone up) then the magnitude of the task IMHO is computationally unfeasible.
In the criminal courts fingerprint and DNA evidence is accepted and these two provide computationally less accuracy. As long as you stick to basic evidence handling principles then this helps negate any defense tactic of attacking the validity of the evidence.
I don't think you would need a long winded explanation of how MD5 works ( I don't think I could thoroughly explain it anyway).
An MD5 hash value of a hard drive is an indication that evidence has not been altered since it was handled by the prosecution. Someone correct me if I am wrong but the MD5 hash is a mathematical algorithm that calculates data and provides a value, and really should not be described as a cryptographic hash, this complicates matters unnecessarily.
I have seen advice along the lines that the chances of creating two meaningful and different files bearing the same MD5 hash value as being "computationally unfeasible, given reasonable time". The scientific community may consider the MD5 hash broken, but I don't think the Forensic Computing community (for the purpose of image validation) do.
In effect if a defense lawyer is attacking the hashing function of the likes of EnCase and FTK, and waving papers etc,(in effect attempting a lawyer technique of ambushing you) then I would suggest that the court may wish to speak to the manufacturer of the used product for a more thorough explanation, as this area of mathematics is beyond my current knowledge.
A quote from Brian Deering in his artcile Data Validation Using The Md5 Hash- "The obvious response to any questions along this line is, 'Yes, it is possible to intervene and effect a possible outcome.' and 'No, I did not tamper with the evidence.'
Just my 2 pennies, for what its worth.
Andy 🙂
> Two files were manufactured to have the same MD5, this is totally different to encountering two files which by chance have the same MD5
Not necessarily true. If I can alter the data to suite my unethical needs, then apply this algorithm to some 'junk' data elsewhere in the image to force an md5 match then I have broken the usefulness of relying on md5 checksums. Whether or not anyone can do this yet is unknown, but the Chinese research indicates it is theoretically possible.