hash collisions handling
Since Wuala seems to treat files with the same hash as equal, is there some additional verification (hashing the blocks perhaps) to further ensure no hash collision has happened, or is the hash used considered good enough so that the chance of a hash collision occurring (even when tried by malicious users) is sufficiently small?
How far into the future (not counting flaws to be found in the hashing algorithm) is this considered "safe"?
-
I have already asked questions similar to this and about hash stuff.
Maybe it would be wise to implement chunk/parts hashing additionally and also file sizes stored together with the matching hashes.
There are a number of things that can be done to avoid collisions.
-
Well, hashes are designed so as to make collisions unlikely, either by accident or malicious intent. Judging from the Wikipedia article on SHA, an attacker would have to compute approx. 2^69 operations in order to find a collision for SHA1, which even on a supercomputer would take decades or centuries.
And if I recall correctly, Wuala is using the stronger SHA-256. Or maybe that was just for passwords, I'm not sure.
Anyway, for the foreseeable future -- barring major breakthroughs -- it is extremely unlikely for a collision to occur, and I wouldn't worry about it.
-
Wuala uses a hash of length 20 bytes to identify files or fragments. So it is extremely unlikely that there will be any collisions in the next few million years, even if thousands of files are stored every second.
-
Hey Luzius, you mentioned that the hash length is 20 bytes which would imply that you are using SHA-1 (which uses 160 bits = 20 bytes as well) but in another topic you mentioned that you are using SHA-256:
http://getsatisfaction.com/wuala/topi...
SHA-1 is reported to possibly have a mathematical weakness.
Are you using SHA-1 or SHA-256?
Thanks
-
You can hash with SHA512 and still use only the first 20 Bytes of that...
Maybe they are just using the first 20 Bytes of SHA256 or Luzius is bad at dividing big numbers by 8! ;-)
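
An added example, not part of the thread and not Wuala's code: it computes the birthday bound for accidental collisions on a 20-byte identifier, and shows a dedup store that keys on (identifier, size) and compares bytes before treating two uploads as equal. The truncated SHA-256 identifier is the guess made in the thread; `DedupStore`, `file_id`, `weak_id` and the load figures are hypothetical names and constructed values.

```python
import hashlib
import math

ID_BYTES = 20  # identifier length stated in the thread (160 bits)

def file_id(data: bytes) -> bytes:
    """Assumed scheme: SHA-256 truncated to its first 20 bytes."""
    return hashlib.sha256(data).digest()[:ID_BYTES]

def weak_id(data: bytes) -> bytes:
    """Deliberately tiny 1-byte identifier, used only to force a collision."""
    return hashlib.sha256(data).digest()[:1]

def accidental_collision_probability(n_items: float, bits: int = ID_BYTES * 8) -> float:
    """Birthday bound for random (non-adversarial) inputs:
    p ~= 1 - exp(-n(n-1) / 2^(bits+1))."""
    return -math.expm1(-(n_items * (n_items - 1)) / 2.0 ** (bits + 1))

class DedupStore:
    """Hypothetical store keyed on (identifier, size) that compares bytes
    before treating two uploads as the same file."""

    def __init__(self, id_func=file_id):
        self._id_func = id_func
        self._blobs = {}
        self.collisions = 0

    def put(self, data: bytes) -> str:
        key = (self._id_func(data), len(data))
        existing = self._blobs.get(key)
        if existing is None:
            self._blobs[key] = data
            return "stored"
        if existing == data:
            return "deduplicated"
        self.collisions += 1  # same identifier and size, different content
        return "collision"

def demo():
    # Constructed load: 1000 files per second for one million years.
    n = 1000 * 31_557_600 * 1_000_000
    p = accidental_collision_probability(n)
    store = DedupStore(weak_id)
    # 257 distinct 4-byte inputs into 256 possible ids: pigeonhole collision.
    results = [store.put(i.to_bytes(4, "big")) for i in range(257)]
    return p, results.count("collision")

if __name__ == "__main__":
    print(demo())
```

The bound covers accidental collisions only; resistance to deliberately constructed collisions depends on the hash function itself, which is the question the thread raises about SHA-1 versus SHA-256.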