Version française
Home     About     Download     Resources     Contact us    

This site is updated infrequently. For up-to-date information, please visit the new OCaml website at

Browse thread
Computing with big numbers?
[ Home ] [ Index: by date | by threads ]
[ Search: ]

[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
Date: 2008-12-04 (16:40)
From: David Thomas <david_hd@y...>
Subject: Re: [Caml-list] Computing with big numbers?
That depends on the threat model.  If the question is, "presuming no active attack, how likely is it to break?", then the cryptanalytic results against the hash are irrelevant.  If the question is "how secure is it if someone is maliciously manipulating files", then they are certainly relevant.

If you're operating between reasonably secure machines, where an attacker having write access is already more catastrophic than a failure of Unison, then the first is what matters.  If someone else has control over some of the files, then you've gotta watch the second.

--- On Thu, 12/4/08, Florian Hars <> wrote:

> From: Florian Hars <>
> Subject: Re: [Caml-list] Computing with big numbers?
> To: "Alan Schmitt" <>
> Cc:
> Date: Thursday, December 4, 2008, 8:06 AM
> Alan Schmitt schrieb:
> > But I don't think this applies here, as the hashes
> I'm
> > looking at are the one used by Unison to identify file
> contents.
> Then it is *especially* relevant, as it is quite trivial to
> generate
> several files with  different content and the same MD5
> hash, all you
> need is a Playstation 3:
> - Florian
> -- 
> But our moral language is fragmented; our contemporaries
> reject the Kantian
> hunch that choosing those things most admirable and
> plausible as ends in
> themselves is the best practice; autonomous sources of the
> good are everywhere
> brown and broken. Thus we have PHP.
> _______________________________________________
> Caml-list mailing list. Subscription management:
> Archives:
> Beginner's list:
> Bug reports: