Are there plans for Fortinet to start providing image checksums that are not based on the easily breakable md5 algorithm?
As a security company I'd have thought Fortinet would have moved away from md5 a long time ago...
Regards,
Matthew
Sorry for my poorly chosen quote. The best bit was up in the introduction on the same page (with references):
As such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property [collision resistance] for digital security. Also in 2004 more serious flaws were discovered in MD5, making further use of the algorithm for security purposes questionable; specifically, a group of researchers described how to create a pair of files that share the same MD5 checksum.If that is the case then the OP's query stands, and my contention would also be valid - MD5 may do to pick up accidental or transmission errors, but really shouldn't be used as proof that the image you have is the same as the image over there. In that case we would be back to asking how we do know this image is the same as that image, and perhaps the RSA signatures can do this. Can they? Or would a sha1 hash do just as good a job?
edit - expanded quote
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.