Monday, January 12, 2009

litsupport summary for the week ending on 01/04/09

A lot of important and useful information is posted to litsupport each week. The following is a distilled summary, in the form of questions and answers.

Q. How reliable is MD5 in light of this new discovery that SSL certificates can be forged backed on MD5 collision?
A. There are different aspects to this:
  1. It is possible to find another file with different content and with the same MD5 signature, but it is computationally very hard and requires deep technological expertise;
  2. If somebody uses SHA1 or other more advanced signatures, or SHA1 in combination with MD5, it is impractical to hack it;
  3. MD5 can still be used for deduplication, since hacking this process is more unlikely than falsifying individual evidence file;
  4. Since documents are authenticated by litigants and not only by hash values, and since there are many experts and many copies floating around, falsification based on MD5 collision is far-fetched;
  5. The area is still open to research, since hash signatures are used to analyze emails and other documents where byte-by-byte comparison is not adequate.
This summary from the Litsupport Group postings created by the wonderful and talented members of the group has been culled by Mark Kerzner ( and edited by Aline Bernstein (

No comments: