Re: Could timestamps be replaced with MD5?

[Tobias Weingartner]

On Tuesday, April 18, John Macdonald wrote:
> 
> Schneier (note the spelling) has reservations about RC5 - there is an
> attack that makes it possible to create string pairs that have that
> same hash code - but that is for cryptographic usage and it is by no
> means clear that a equally hashing value can be found for an
> arbirtrary text.

I think you meant MD5, not RC5.  One is a hash, the other a stream
cipher (I believe).  Yes, MD5 is not as resistant to collisions as
the authors had originally hoped, however, it is likely more than
good enough to do the checksumming of a particular file.  We are not
looking for a cryptographically secure hash, but one that has good
properties, including the possibility of having random hashing
collisions.


> You're still talking universe lifetimes as the collision frequency when
> there is no deliberate attempt to cause a collision.

Exactly.

--Toby.