tags:

views:

91

answers:

6
+5  Q: 

Self-referencing MD5 file

Hello:

I'm developing a program that needs to load and save data in external files, I have been searching for options and I have chosen to save the data in a binary file.

As I don't want that someone could edit the file easily, I thought about writing in the first line of the file, its md5 sum. In this case, if some data of the file is changed, the sum won't match the one of the first line.

The problem I find then is that if I calculate the MD5, and after that I write the info inside the file, it's obvious that the sum will be different, so, how could I sort this?

If you sugest me a better option than the sum, it will be equally accepted.

Thanks in advance.

A: 

you could store the MD5sum in a database instead, then when you want to see if a file has been changed you check the MD5 sum in the db. alternatively you could store the md5sum of a file in another file.

JiminyCricket  2010-08-30 12:47:34
why the down votes? please explain why this option wont work or how it doesnt answer the question
JiminyCricket  2010-08-30 13:01:47
This doesn't work because someone can merely change the file and update the database with the new digest.
brian d foy  2010-08-30 23:09:32
+3  A: 

While it is theoretically possible to make a self-referencing MD5 file (and I recall some have been found), it's a waste of resources. It is generally necessary to store the hash somewhere outside the hashed file (traditionally named md5sums or sha1sums, respectively).

This said, I'd recommend going for SHA-1 in addition to MD5.

Piskvor  2010-08-30 12:50:13
+1 - MD5 must go ... http://stackoverflow.com/questions/2768248/is-md5-really-that-bad
nonnb  2010-08-30 12:51:41
even SHA-1 is [broken](http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html) (fsvo broken) these days.
Philip Potter  2010-08-30 12:53:15
@nonnb: well, it's just about OK if you only need to prevent accidental file corruption; but yeah, I consider it deprecated.
Piskvor  2010-08-30 12:54:19
@Philip Potter: As you said, it depends on the threat model - if you're worried about intentional tampering, then the checksum might be modified also.
Piskvor  2010-08-30 12:56:50
@Piskvor: quite so. if intentional tampering might change the checksum, then pretty much *any* checksum is of equal security value, because finding a preimage is no longer the path of least resistance. Might as well use CRC.
Philip Potter  2010-08-30 13:01:23
+7  A: 

What is your threat model?

If you just want to protect against casual fiddling, md5 the main data of the file, then write the md5 sum to the end. To validate, strip off the md5 sum, then md5 only the original file.

If you want to protect against malicious and skilled cracking, you're out of luck; any validation algorithm you use can be replicated, particularly if they have access to the program itself. Even a cryptographic signature could fail if the attacker extracts the key from the program binary.

If it's a big deal, a unix solution is to run as setuid or setgid to a different user and write to a directory which users cannot modify. I'm not sure what a good general Java solution is, but the point remains: users shouldn't be able to modify your data because they were prevented from doing so, not because they were detected trying to.

Philip Potter  2010-08-30 12:50:33
I like this answer best. +1
Randolpho  2010-08-30 12:55:00
+1 for "you're out of luck against crackers"
snemarch  2010-08-30 13:00:27
A: 

Bill: Ted, while I agree that, in time, our band will be most triumphant. The truth is, Wyld Stallyns will never be a super band until we have Eddie Van Halen on guitar.

Ted: Yes, Bill. But, I do not believe we will get Eddie Van Halen until we have a triumphant video.

Bill: Ted, it's pointless to have a triumphant video before we even have decent instruments.

Ted: Well, how can we have decent instruments when we don't really even know how to play?

Bill: That is why we NEED Eddie Van Halen!

Ted: And THAT is why we need a triumphant video.

Bill, Ted: EXCELLENT!

Seriously, you can't calculate the MD5 sum (or some other hash) with the calculated hash embedded, so you have to store the hash somewhere else.

If you just don't want people to easily mess with the file, maybe it's an option to obfuscate it via ROT13 or XOR "encryption" ?

DarkDust  2010-08-30 12:51:02
Actually, you *can* with MD5, because it's so broken :)
Philip Potter  2010-08-30 12:56:19
A: 

Just ignore the first line when you compute the md5. You should also add a secret salt to make sure it's not to easy to create a new MD5 after editing the content. It depends on your actual need (level of security).

gawi  2010-08-30 12:51:24
The salt doesn't have to be secret. The purpose of a salt is to prevent precomputed tables of hash values by increasing the required size of such tables.
Philip Potter  2010-08-30 12:54:36
if its editable, someone could just mess with the md5 hash up top or they could add some other crap at the top so that the first line is no longer the md5 hash, making this method of putting it at the top or bottom not useful
JiminyCricket  2010-08-30 13:12:54
If the salt is not secret, it's pretty easy to recreate the MD5 hash after the file is modified. It's just less obvious if someone must decompile de bytecode in order to find the salt value. This is OK if you just want to prevent casual users from editing your files. Otherwise, forget it, there's always a way to bypass a java method execution (unless code is running on server-side).
gawi  2010-08-30 13:28:33
The term "salt" is normally used to refer to an appendage which is random but known, to make it so the same "main" data won't always yield the same hash string. Here, I think the goal is to munge the data slightly before computing the hash, otherwise compute the hash in a slightly-nonstandard way.
supercat  2010-08-30 16:26:59
@supercat Yes. I agree. The salt word was misused there.
gawi  2010-08-30 17:00:11
+1  A: 

What if you create a container for your data? Through a new class with two properties, CheckSum and Data, you could serialize all your data and put it in the Data property. Then, you calulate the checksum for the serialized data, and use the CheckSum property to store the checksum.

Christian Nesmark  2010-08-30 12:52:56

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java