tag:blogger.com,1999:blog-7266528187680728229.post8699353081847045764..comments2024-03-07T22:27:00.958-08:00Comments on The Bug Charmer: MD5 should not be used in forensics (or anywhere else)Stevenhttp://www.blogger.com/profile/08515783026293944881noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7266528187680728229.post-21775786583299688052018-12-20T08:23:34.787-08:002018-12-20T08:23:34.787-08:00My argument about the defense lawyer is isn't ...My argument about the defense lawyer is isn't about whether some examiners can defend MD5 successfully, it's that it leaves an opening. My belief is that many, possibly most, examiners aren't very knowledgeable about cryptography and can't do more than parrot what they learning in training class X. Using MD5 and having to explain why the various security problems aren't an issue in your case is not worth the risk when SHA-2 exists and is free. I don't want to ever have to explain to a jury why preimages are different from collisions. <br /><br />The other issue is that Dr Stevens and other cryptographers, who are the experts in their area, say that we should not use MD5 at all. That's a big problem when you consider that we're supposed to use valid/accepted scientific methods. The scientists in this area say that MD5 is not valid and forensic examiners, with no special training in cryptographer, want to argue that it is. <br /><br />Identifying known-bad hashes is different than validating acquired evidence. I recall that Dr Stevens was okay with this since it's only used to triage files and the positive results will be verified visually. Stevenhttps://www.blogger.com/profile/08515783026293944881noreply@blogger.comtag:blogger.com,1999:blog-7266528187680728229.post-37735550708060652832018-12-19T23:45:37.312-08:002018-12-19T23:45:37.312-08:00I would be interested to see Dr Stevens manipulate...I would be interested to see Dr Stevens manipulate a forensic image to put artefacts of interest to prove or disprove an incident. I think that's what Boucher was arguing as to why it's still valid in forensic cases.<br />I also dont think that the argument of the cluey defense lawyer really stacks up for this reason. <br /><br />That being said, many forensic utilities with hash to md5 and sha1 upon creating a forensic image, so it's a moot point for the time being. <br />Using it to highlight that a file in a hashset has been found in a seized dataset is a very different use case for manipulating a certificate on a live server - which is where the cryptographers and security folks are coming from, and for their purposes md5 and now sha1 is brokenPhillhttps://www.blogger.com/profile/01849346927245371914noreply@blogger.com