Hi Pablo, There's a problem with that suggestion since MD5[1] and SHA1[2] are both vulnerable to hash collisions[3]. Try AES-256 :-D
[1] http://www.mscs.dal.ca/~selinger/md5collision/ [2] http://csrc.nist.gov/groups/ST/hash/statement.html [3] http://en.wikipedia.org/wiki/Collision_%28computer_science%29 [4] http://www.schneier.com/blog/archives/2009/07/new_attack_on_a.html 2009/7/13 Pablo Manalastas <[email protected]>: > ....We can suggest to Comelec to compute SHA1 or MD5 checksums of the > approved programs, and at election time, the checksums can be recomputed > (manually) and if the original checksum and new checksum agree, then there is > no substitution. _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
