bible-technology / scripture-burrito

Scripture Burrito Schema & Docs 🌯
http://docs.burrito.bible/
MIT License

MD5? #115

Closed mvahowe closed 4 years ago

mvahowe commented 4 years ago

Our ingredient checksums are currently MD5.

MD5 is utterly broken for cryptography, but this isn't a cryptographic application. MD5 collisions can occur (i.e. 2 different strings that result in the same MD5) which is potentially A Bad Thing for our use case.

MD5 is still widely used by many applications and most operating systems for error detection, which is (kinda) what we use it for. It's also available for pretty much every platform, language and framework.

Sooner or later, someone is going to complain about MD5. Do we wish to consider an alternative? If so, which alternative? I think we need something which is

mvahowe commented 4 years ago

It looks like SHA-3 would be an obvious alternative, although it is computationally more expensive than MD5. (This becomes an issue for audio and video ingredients: MD5 checksumming often takes as much time as uploading with single-threaded Nathanael on a laptop.)

jag3773 commented 4 years ago

My preference would be for SHA-3. If we wait to make such a change later it will be much more difficult.

smorrison commented 4 years ago

I wanted to point out that

jag3773 commented 4 years ago

We decided to keep md5 for now.

jag3773 commented 4 years ago

New idea is that we add a checksum type field which for now will specify MD5 but will make moving to a new hash later easier.
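
The checksum type field proposed in the comment above, sketched as an added example that is not part of the thread or of the Scripture Burrito schema: a verifier reads the type from the record but only accepts types on its own allowlist, so a later move off MD5 is a policy change rather than a format change. The `{ type, value }` record shape, the `sha3-256` label, the "deprecated" policy flag and all function names are assumptions.

```javascript
// Added example, not Scripture Burrito code. The record shape
// { type, value } and every name here are assumptions for illustration.
const { createHash } = require("node:crypto");

// Allowlist of checksum types: label -> digest name, hex length, status.
// Marking md5 as deprecated is an assumed policy, not the project's.
const ALGORITHMS = new Map([
  ["md5", { digest: "md5", hexLen: 32, deprecated: true }],
  ["sha3-256", { digest: "sha3-256", hexLen: 64, deprecated: false }],
]);

// Build a checksum record for some bytes with the named type.
function checksumFor(bytes, type) {
  const alg = ALGORITHMS.get(type);
  if (!alg) throw new Error(`unsupported checksum type: ${type}`);
  return { type, value: createHash(alg.digest).update(bytes).digest("hex") };
}

// Verify one ingredient. The type comes from the record, but only types on
// the allowlist are accepted, and a consumer can refuse deprecated ones.
function verifyIngredient(bytes, checksum, { allowDeprecated = true } = {}) {
  const alg = ALGORITHMS.get(checksum && checksum.type);
  if (!alg) return { ok: false, reason: "unsupported-type" };
  if (alg.deprecated && !allowDeprecated) {
    return { ok: false, reason: "deprecated-type" };
  }
  // Reject values that cannot be a digest of this type before hashing.
  const value = String(checksum.value).toLowerCase();
  if (!new RegExp(`^[0-9a-f]{${alg.hexLen}}$`).test(value)) {
    return { ok: false, reason: "malformed-value" };
  }
  const actual = createHash(alg.digest).update(bytes).digest("hex");
  return actual === value
    ? { ok: true, reason: "match" }
    : { ok: false, reason: "mismatch" };
}

// Constructed sample: the same bytes recorded once per checksum type.
const sample = Buffer.from("abc");
const records = {
  legacy: checksumFor(sample, "md5"),
  migrated: checksumFor(sample, "sha3-256"),
};

console.log(verifyIngredient(sample, records.legacy));
console.log(verifyIngredient(sample, records.migrated));
console.log(verifyIngredient(sample, records.legacy, { allowDeprecated: false }));
console.log(verifyIngredient(Buffer.from("abd"), records.migrated));
```
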

mvahowe commented 4 years ago

FWIW I noticed that the Node upload module I picked gives me MD5s for free. (Well, presumably it thrashes my CPU because even JS isn't magic, but I don't need to write any code.)