Is it feasible to get a hash collision for CRC32, MD-5 and SHA-1 on one file?How hard is it to generate a simultaneous MD5 and SHA1 collision?Brute forcing CRC-32Is Dropbox's hashing method cryptographically secure?Is there a generic attack on encrypted CRC32 when used as a MAC?CRC32 vs. low 32 bits of cryptographic hashIntegrity compromised - HASH modifiedWould SHA-1 be safe for certificates with short validity?Checksum vs. non-cryptographic hashHow does the attack on MD5 work that allows a file to show its own (full) hash?How is it possible to detect “unknown SHA-1 cryptanalytic collision attacks given just a single file from a colliding file pair”?

Plotting octahedron inside the sphere and sphere inside the cube

Is it okay for a ticket seller in the USA to refuse to give you your change, keep it for themselves and claim it's a tip?

Do beef farmed pastures net remove carbon emissions?

TEMPO: play a sound in animated GIF/PDF/SVG

Can the ground attached to neutral fool a receptacle tester?

Heat equation: Squiggly lines

How to disable "Completion time:..." in SQL Server Messages window

Why does chown not work in RUN command in Docker?

How to reduce Sinas Chinam

If a digital camera can be "hacked" in the ransomware sense, how best to protect it?

Simplification of numbers

How can this older-style irrigation tee be replaced?

Are employers legally allowed to pay employees in goods and services equal to or greater than the minimum wage?

Normalization constant of a planar wave

How to describe accents?

Does the Fireball spell damage objects?

On math looking obvious in retrospect

Bitcoin successfully deducted on sender wallet but did not reach receiver wallet

How to divide item stack in MC PE?

Why command hierarchy, if the chain of command is standing next to each other?

Is it feasible to get a hash collision for CRC32, MD-5 and SHA-1 on one file?

Lengthened voiced stops and the airstream through the nose

How much maintenance time did it take to make an F4U Corsair ready for another flight?

How to retreive domain name from salesforce org



Is it feasible to get a hash collision for CRC32, MD-5 and SHA-1 on one file?


How hard is it to generate a simultaneous MD5 and SHA1 collision?Brute forcing CRC-32Is Dropbox's hashing method cryptographically secure?Is there a generic attack on encrypted CRC32 when used as a MAC?CRC32 vs. low 32 bits of cryptographic hashIntegrity compromised - HASH modifiedWould SHA-1 be safe for certificates with short validity?Checksum vs. non-cryptographic hashHow does the attack on MD5 work that allows a file to show its own (full) hash?How is it possible to detect “unknown SHA-1 cryptanalytic collision attacks given just a single file from a colliding file pair”?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








4












$begingroup$


I'm aware that individually, each has its weaknesses (especially CRC32), but is it feasible that a file could be created to falsely match all three?










share|improve this question









$endgroup$




migrated from superuser.com 9 hours ago


This question came from our site for computer enthusiasts and power users.


















  • $begingroup$
    I think it would be difficult to actively intend to get a simultaneous clash on all three given that they use different algorithms. Clashes are possible in each, sure, and you can engineer a clash in each if you are determined but I would have thought it would be difficult to get a clash in all three at the same time. It feels like the sort of thing that might be possible but technically unfeasible given the amount of effort required. Personally I'd be curious to see how probable this is.
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    this Q&A has the (positive) answer except for the CRC part
    $endgroup$
    – SEJPM
    9 hours ago

















4












$begingroup$


I'm aware that individually, each has its weaknesses (especially CRC32), but is it feasible that a file could be created to falsely match all three?










share|improve this question









$endgroup$




migrated from superuser.com 9 hours ago


This question came from our site for computer enthusiasts and power users.


















  • $begingroup$
    I think it would be difficult to actively intend to get a simultaneous clash on all three given that they use different algorithms. Clashes are possible in each, sure, and you can engineer a clash in each if you are determined but I would have thought it would be difficult to get a clash in all three at the same time. It feels like the sort of thing that might be possible but technically unfeasible given the amount of effort required. Personally I'd be curious to see how probable this is.
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    this Q&A has the (positive) answer except for the CRC part
    $endgroup$
    – SEJPM
    9 hours ago













4












4








4


1



$begingroup$


I'm aware that individually, each has its weaknesses (especially CRC32), but is it feasible that a file could be created to falsely match all three?










share|improve this question









$endgroup$




I'm aware that individually, each has its weaknesses (especially CRC32), but is it feasible that a file could be created to falsely match all three?







checksum md5 crc sha-1






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked 10 hours ago







Hiccup












migrated from superuser.com 9 hours ago


This question came from our site for computer enthusiasts and power users.











migrated from superuser.com 9 hours ago


This question came from our site for computer enthusiasts and power users.









migrated from superuser.com 9 hours ago


This question came from our site for computer enthusiasts and power users.













  • $begingroup$
    I think it would be difficult to actively intend to get a simultaneous clash on all three given that they use different algorithms. Clashes are possible in each, sure, and you can engineer a clash in each if you are determined but I would have thought it would be difficult to get a clash in all three at the same time. It feels like the sort of thing that might be possible but technically unfeasible given the amount of effort required. Personally I'd be curious to see how probable this is.
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    this Q&A has the (positive) answer except for the CRC part
    $endgroup$
    – SEJPM
    9 hours ago
















  • $begingroup$
    I think it would be difficult to actively intend to get a simultaneous clash on all three given that they use different algorithms. Clashes are possible in each, sure, and you can engineer a clash in each if you are determined but I would have thought it would be difficult to get a clash in all three at the same time. It feels like the sort of thing that might be possible but technically unfeasible given the amount of effort required. Personally I'd be curious to see how probable this is.
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    this Q&A has the (positive) answer except for the CRC part
    $endgroup$
    – SEJPM
    9 hours ago















$begingroup$
I think it would be difficult to actively intend to get a simultaneous clash on all three given that they use different algorithms. Clashes are possible in each, sure, and you can engineer a clash in each if you are determined but I would have thought it would be difficult to get a clash in all three at the same time. It feels like the sort of thing that might be possible but technically unfeasible given the amount of effort required. Personally I'd be curious to see how probable this is.
$endgroup$
– Mokubai
9 hours ago




$begingroup$
I think it would be difficult to actively intend to get a simultaneous clash on all three given that they use different algorithms. Clashes are possible in each, sure, and you can engineer a clash in each if you are determined but I would have thought it would be difficult to get a clash in all three at the same time. It feels like the sort of thing that might be possible but technically unfeasible given the amount of effort required. Personally I'd be curious to see how probable this is.
$endgroup$
– Mokubai
9 hours ago












$begingroup$
this Q&A has the (positive) answer except for the CRC part
$endgroup$
– SEJPM
9 hours ago




$begingroup$
this Q&A has the (positive) answer except for the CRC part
$endgroup$
– SEJPM
9 hours ago










1 Answer
1






active

oldest

votes


















5












$begingroup$

Finding a simultaneous collision for all three would take the effort of approximately $2^72$ SHA-1 compression function evaluations.



The overall idea would be to take the general $2^67$ idea found in the answer to How hard is it to generate a simultaneous MD5 and SHA1 collision? and perform the attack 33 successive times (generating 33 places in the hash image where we can take either $X_i$ or $Y_i$ without affecting either the MD5 or SHA-1 hash).



That'll give us a total of $2^33$ images with all the same MD5 and SHA-1 hash; there must be a pair of images with the same CRC-32 value as well, and so that solves the problem.



Whether $2^72$ operations is in the realm of feasibility is another question entirely...






share|improve this answer









$endgroup$














  • $begingroup$
    I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    @Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
    $endgroup$
    – poncho
    8 hours ago










  • $begingroup$
    Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
    $endgroup$
    – Mokubai
    8 hours ago






  • 1




    $begingroup$
    The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
    $endgroup$
    – djao
    6 hours ago






  • 1




    $begingroup$
    I was half expecting to see an answer of "Yeah, these two files."
    $endgroup$
    – Joshua
    2 hours ago













Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "281"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f72549%2fis-it-feasible-to-get-a-hash-collision-for-crc32-md-5-and-sha-1-on-one-file%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown
























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









5












$begingroup$

Finding a simultaneous collision for all three would take the effort of approximately $2^72$ SHA-1 compression function evaluations.



The overall idea would be to take the general $2^67$ idea found in the answer to How hard is it to generate a simultaneous MD5 and SHA1 collision? and perform the attack 33 successive times (generating 33 places in the hash image where we can take either $X_i$ or $Y_i$ without affecting either the MD5 or SHA-1 hash).



That'll give us a total of $2^33$ images with all the same MD5 and SHA-1 hash; there must be a pair of images with the same CRC-32 value as well, and so that solves the problem.



Whether $2^72$ operations is in the realm of feasibility is another question entirely...






share|improve this answer









$endgroup$














  • $begingroup$
    I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    @Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
    $endgroup$
    – poncho
    8 hours ago










  • $begingroup$
    Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
    $endgroup$
    – Mokubai
    8 hours ago






  • 1




    $begingroup$
    The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
    $endgroup$
    – djao
    6 hours ago






  • 1




    $begingroup$
    I was half expecting to see an answer of "Yeah, these two files."
    $endgroup$
    – Joshua
    2 hours ago















5












$begingroup$

Finding a simultaneous collision for all three would take the effort of approximately $2^72$ SHA-1 compression function evaluations.



The overall idea would be to take the general $2^67$ idea found in the answer to How hard is it to generate a simultaneous MD5 and SHA1 collision? and perform the attack 33 successive times (generating 33 places in the hash image where we can take either $X_i$ or $Y_i$ without affecting either the MD5 or SHA-1 hash).



That'll give us a total of $2^33$ images with all the same MD5 and SHA-1 hash; there must be a pair of images with the same CRC-32 value as well, and so that solves the problem.



Whether $2^72$ operations is in the realm of feasibility is another question entirely...






share|improve this answer









$endgroup$














  • $begingroup$
    I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    @Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
    $endgroup$
    – poncho
    8 hours ago










  • $begingroup$
    Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
    $endgroup$
    – Mokubai
    8 hours ago






  • 1




    $begingroup$
    The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
    $endgroup$
    – djao
    6 hours ago






  • 1




    $begingroup$
    I was half expecting to see an answer of "Yeah, these two files."
    $endgroup$
    – Joshua
    2 hours ago













5












5








5





$begingroup$

Finding a simultaneous collision for all three would take the effort of approximately $2^72$ SHA-1 compression function evaluations.



The overall idea would be to take the general $2^67$ idea found in the answer to How hard is it to generate a simultaneous MD5 and SHA1 collision? and perform the attack 33 successive times (generating 33 places in the hash image where we can take either $X_i$ or $Y_i$ without affecting either the MD5 or SHA-1 hash).



That'll give us a total of $2^33$ images with all the same MD5 and SHA-1 hash; there must be a pair of images with the same CRC-32 value as well, and so that solves the problem.



Whether $2^72$ operations is in the realm of feasibility is another question entirely...






share|improve this answer









$endgroup$



Finding a simultaneous collision for all three would take the effort of approximately $2^72$ SHA-1 compression function evaluations.



The overall idea would be to take the general $2^67$ idea found in the answer to How hard is it to generate a simultaneous MD5 and SHA1 collision? and perform the attack 33 successive times (generating 33 places in the hash image where we can take either $X_i$ or $Y_i$ without affecting either the MD5 or SHA-1 hash).



That'll give us a total of $2^33$ images with all the same MD5 and SHA-1 hash; there must be a pair of images with the same CRC-32 value as well, and so that solves the problem.



Whether $2^72$ operations is in the realm of feasibility is another question entirely...







share|improve this answer












share|improve this answer



share|improve this answer










answered 9 hours ago









ponchoponcho

98.2k2 gold badges160 silver badges258 bronze badges




98.2k2 gold badges160 silver badges258 bronze badges














  • $begingroup$
    I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    @Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
    $endgroup$
    – poncho
    8 hours ago










  • $begingroup$
    Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
    $endgroup$
    – Mokubai
    8 hours ago






  • 1




    $begingroup$
    The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
    $endgroup$
    – djao
    6 hours ago






  • 1




    $begingroup$
    I was half expecting to see an answer of "Yeah, these two files."
    $endgroup$
    – Joshua
    2 hours ago
















  • $begingroup$
    I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
    $endgroup$
    – Mokubai
    9 hours ago










  • $begingroup$
    @Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
    $endgroup$
    – poncho
    8 hours ago










  • $begingroup$
    Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
    $endgroup$
    – Mokubai
    8 hours ago






  • 1




    $begingroup$
    The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
    $endgroup$
    – djao
    6 hours ago






  • 1




    $begingroup$
    I was half expecting to see an answer of "Yeah, these two files."
    $endgroup$
    – Joshua
    2 hours ago















$begingroup$
I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
$endgroup$
– Mokubai
9 hours ago




$begingroup$
I was brought here by the curiosity of the question and I'm a bit hung up on the feasibility side. Yes it is technically possible but 2^72 is a number that my mind just spits back as "impossibly huge". Does this mean it is within the realms of a guy sitting in a basement with an old i3 box or is it all the computers in the world running until the eventual heat death of the universe?
$endgroup$
– Mokubai
9 hours ago












$begingroup$
@Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
$endgroup$
– poncho
8 hours ago




$begingroup$
@Mokubai: it's probably closer to 'if the NSA (or possibly Goggle or Amazon) decide to devote all their assets on this one problem, they could probably do it in a not-unreasonable amount of time...'.
$endgroup$
– poncho
8 hours ago












$begingroup$
Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
$endgroup$
– Mokubai
8 hours ago




$begingroup$
Okay, so it's within the realms of possibility of nation-state actors, but probably beyond your average malware or script-kiddie. That is unless he has a pretty large botnet... Not unreasonable to achieve, but probably costs far more than it is ever going to worth unless the target is a) incredibly paranoid (to be using/checking all three hashes) and b) extremely high value. Thank you for indulging my curiosity :)
$endgroup$
– Mokubai
8 hours ago




1




1




$begingroup$
The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
$endgroup$
– djao
6 hours ago




$begingroup$
The Bitcoin network has a hash rate of $2^72$ hashes every three days. It's more than one guy in a basement but far less than heat death of the universe. It's also probably far less than what the NSA could manage.
$endgroup$
– djao
6 hours ago




1




1




$begingroup$
I was half expecting to see an answer of "Yeah, these two files."
$endgroup$
– Joshua
2 hours ago




$begingroup$
I was half expecting to see an answer of "Yeah, these two files."
$endgroup$
– Joshua
2 hours ago

















draft saved

draft discarded
















































Thanks for contributing an answer to Cryptography Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

Use MathJax to format equations. MathJax reference.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f72549%2fis-it-feasible-to-get-a-hash-collision-for-crc32-md-5-and-sha-1-on-one-file%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Canceling a color specificationRandomly assigning color to Graphics3D objects?Default color for Filling in Mathematica 9Coloring specific elements of sets with a prime modified order in an array plotHow to pick a color differing significantly from the colors already in a given color list?Detection of the text colorColor numbers based on their valueCan color schemes for use with ColorData include opacity specification?My dynamic color schemes

Invision Community Contents History See also References External links Navigation menuProprietaryinvisioncommunity.comIPS Community ForumsIPS Community Forumsthis blog entry"License Changes, IP.Board 3.4, and the Future""Interview -- Matt Mecham of Ibforums""CEO Invision Power Board, Matt Mecham Is a Liar, Thief!"IPB License Explanation 1.3, 1.3.1, 2.0, and 2.1ArchivedSecurity Fixes, Updates And Enhancements For IPB 1.3.1Archived"New Demo Accounts - Invision Power Services"the original"New Default Skin"the original"Invision Power Board 3.0.0 and Applications Released"the original"Archived copy"the original"Perpetual licenses being done away with""Release Notes - Invision Power Services""Introducing: IPS Community Suite 4!"Invision Community Release Notes

199年 目錄 大件事 到箇年出世嗰人 到箇年死嗰人 節慶、風俗習慣 導覽選單