From owner-freebsd-arch Thu Mar 15 11:52:58 2001 Delivered-To: freebsd-arch@freebsd.org Received: from molly.straylight.com (molly.straylight.com [209.68.199.242]) by hub.freebsd.org (Postfix) with ESMTP id 5AC0737B719 for ; Thu, 15 Mar 2001 11:52:55 -0800 (PST) (envelope-from jonathan@graehl.org) Received: from dickie (case.straylight.com [209.68.199.244]) by molly.straylight.com (8.11.0/8.10.0) with SMTP id f2FJqoE23582 for ; Thu, 15 Mar 2001 11:52:50 -0800 From: "Jonathan Graehl" To: "freebsd-Arch" Subject: ftpd SITE MD5 and "really bad links" Date: Thu, 15 Mar 2001 11:52:26 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-reply-to: <200103151919.MAA18623@usr05.primenet.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG If the probability of errors (which pass 32-bit-1s-complement muster) on the net route between the client and FTP server is as high as once in a gigabyte, then SITE MD5 could save lives, not just make life easier for ports people. I see the odds of totally random bit errors aligning themselves on the same bit (say, so 1 is changed to 0 and vice versa) as incredibly low. However, the Internet checksum is not particularly robust against systematic failure - say that the MSB in a faulty 32-bit-chunk-router flips once every million, then you have some significant probability of more than one flip in the same 8000-bit interval comprising your single tcp fragment, quite possibly giving the same checksum. If actual data corruption in a TCP stream is a non-vanishing possibility due to some faulty equipment you are behind, then you will appreciate SITE MD5 as a valuable data integrity check, and not have to hope that the admin has manually placed the MD5sums somewhere for you. It would also allow you to be certain that your file has been uploaded without errors (no daily cron job is going to offer that immediate response). MD5 is also held to have some cryptographic weaknesses (compared to, say, SHA-1 or Tiger); is the feeling that it is more than sufficient against any conceivable systematic/accidental source of error not specifically designed to exploit what weaknesses MD5 has? p.s. follow up to freebsd-net? -- Jonathan Graehl email: jonathan@graehl.org web: http://jonathan.graehl.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message