![]() SHA-256 is most likely slower than SHA-512 on platforms that use 64 bit computing. This may change in the future, and SHA-1 may become vulnerable as well. Currently you need to pre-compute such files at the same time though, you cannot just create a collision for a random, pre-existing file. ![]() ![]() MD5, as mentioned, is not secure - you can deliberately create collisions. The hash generated is already unique in the sense that you won't be able to find another file with the same hash (this is called a collision). SHA-512/256) then you don't need to use multiple hash algorithms. No, if you use a good secure hash algorithm such as one of the SHA-2 candidates (e.g. Now instead of manually checking file vs file over and over, you can just compare the small hash values. You can store the individual hashes of the files, and then just check the hash of the new file against all of the existing hashes. Where it helps is when you have a bunch of files and you want to check whether a new file is the same as one that you already have. But, it is not by itself any faster than comparing piecewise whether two files are equal. With very, very high probability (if your hash function is good) it is unlikely that two files will create the same hash if they are not, in fact, the same file. It does not read bits and pieces of the file, it processes the whole thing into a small output which is a "signature" of that file. I think you are misunderstanding how a hash works though. MD5 is vulnerable to a lot of collision attacks, so if you don't trust the users it is possible for them to make files which hash to the same value as other files but which are not in fact the same. Now all I'm wondering is this: Is it better to use multiple hash algorithms to do such a comparison?īonus Points: If you think I could be using different algorithms for speed, feel free to recommend. However, I don't want to limit my function to this application, but learn how far it may go with others. If it's different than our network copy I want to force them to update our network before they can do things with it. My particular application: These are small (a few KB) binary files I have a user upload to an app we host on our network. The point with the thoughts above is this: if the hash computations for (weak) comparison are significantly faster than the raw comparison, then it appears it would be worth using multiple different hash algorithms before the raw comparison may be necessary.On the other hand, to make a hash that's based very strongly on the file's contents so that one small change has a good chance of changing the hash, I would think it would need to read a good chunk of the file, so maybe this isn't much faster. ![]() That means it would be much faster than reading the file for the byte-for-byte comparison I'm a crypto noob so I don't know much about this algorithm, but if there are random reads and writes (totalling a fraction of the file size) this would likely be much faster than reading in the whole file, or using its ComputeHash(byte) overload.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |