Slashdot Mirror

← Back to Stories (view on slashdot.org)

Finnish Firm Claims Fake P2P Hash Technology

Posted by timothy on from the spy-vs.-spy-isn't-even-to-frame-2-yet dept.

An anonymous reader writes "As reported by The Inquirer, a Finnish company known as Viralg Oy claim to have developed software that can create a junk file with the same hash as a genuine p2p download. This, according to the company, can altogether stop the sharing of copywritten files by flooding p2p networks with corrupt/junk data, which then spreads through the network, causing less and less of the original file to be available. However, with the resolve of the p2p userbase, is this software really going to 'beat all Peer 2 Peer pirates at their own game,' or simply prove a minor annoyance?"

8 of 748 comments (clear)

  1. They have cracked strong hashes, huh? by Flywheels+of+Fire · · Score: 5, Informative
    This is not true. It might work on Kazaa but most other P2P networks use MD5 or better. Okay, they have found collisions but no one has found a way to generate file for a given key. So the claim by the finnish company is bogus.

    Or they have cracked even the strong hashes. In which case they are really cool. I know Mr. Torvalds is Finnish, but I doubt even he could come up with algorithms to do that.

    In their conceited press release, they have compared Spoofing vs DRP/a

    --
    Iran captures three CIA agents
    1. Re:They have cracked strong hashes, huh? by mboverload · · Score: 5, Informative

      Bittorrent clients ban IP's that send them a certain number of bad pieces.

  2. "Copyrighted" by As+Seen+On+TV · · Score: 5, Informative

    It's "copyrighted," not "copywritten." We're talking about rights, not writings.

  3. Coral Cache by Anonymous Coward · · Score: 5, Informative

    I took the liberty of pre-caching the site on Coral before it went live - http://www.viralg.com.nyud.net:8090/index.html. I think Slashdot should really consider doing this as part of the proceedure...this site won't last a minute under the weight of our collective, nerdy asses.

  4. Re:Already done by B3ryllium · · Score: 5, Informative

    By the time this is submitted, it will probably already be redundant (even though it's informative :)) - but the hashes are used for parallel download streams of the same file. So, if you saturate the network with the same hash, you can corrupt the data when the client automatically assumes it's the same file and tries to merge it with the other incoming data.

  5. Seems bogus to me by gtoomey · · Score: 5, Informative
    It takes 2^69 operations to find collisions with SHA1

    Unless they have lots of supercomputer time, seeding the occasional p2p file with bad data will be very expensive.

    1. Re:Seems bogus to me by pjrc · · Score: 5, Informative
      Remember that those 2^69 "operations" (each many CPU cycles) are for a SHA1 "collision" attack. A "preimage" attack that would be necessary to inject corrupt data into a p2p network using SHA1 (such as Bittorrent) is much harder and has not been discovered and published.

      Quoting from the linked page:

      Q: What is a collision attack and a preimage attack?
      A: A preimage attack would enable someone to find an input message that causes a hash function to produce a particular output. In contrast, a collision attack finds two messages with the same hash, but the attacker can't pick what the hash will be. The attacks announced at CRYPTO 2004 are collision attacks, not preimage attacks.

      --
      PJRC: Electronic Projects, 8051 Microcontroller Tools
  6. As someone who actually _does_ have a P2P attack.. by Effugas · · Score: 5, Informative

    It's a couple pages in my paper here. Basically, the first 300Kb of Kazaa's files are hashed normally, then every 32Kb chunk of the file is hashed independently. This allows independent chunks to be downloaded out of order. These out of order chunks are recursively hashed against one another to create one final value, called a "kzhash", which is verified after the file is downloaded.

    The attack is to use the recently released collision -- which creates two blocks that, when mixed against the default initial state of MD5, emit the same system state. Every 32K, you can embed one or the other in the file you're transmitting, and kzhash can't tell. What can you do with this? Morph a file as it traverses the network; have an installation executable describe the systems its being installed on as it propogates through a network. With a fairly large installer, you'd get quite a few bits in there.

    You still don't get to do random noise, and while it's no Tiger Tree, kzhashing doesn't appear so exploitable that this group is likely to have anything. I could be wrong, but then, virtual algorithm? Right.