[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 in the read path

Isn't MD5 broken from a security standpoint? From wikipedia
*"One basic requirement of any cryptographic hash function is that it
should be computationally infeasible
find two non-identical messages which hash to the same value. MD5 fails
this requirement catastrophically; such collisions
<https://en.wikipedia.org/wiki/Collision_resistance> can be found in
seconds on an ordinary home computer"*


On Wed, Sep 26, 2018 at 7:14 PM Jeff Jirsa <jjirsa@xxxxxxxxx> wrote:

> In some installations, it's used for hashing the partition key to find the
> host ( RandomPartitioner )
> It's used for prepared statement IDs
> It's used for hashing the data for reads to know if the data matches on all
> different replicas.
> We don't use CRC because conflicts would be really bad. There's probably
> something in the middle that's slightly faster than md5 without the
> drawbacks of crc32
> On Wed, Sep 26, 2018 at 3:47 PM Tyagi, Preetika <preetika.tyagi@xxxxxxxxx>
> wrote:
> > Hi all,
> >
> > I have a question about MD5 being used in the read path in Cassandra.
> > I wanted to understand what exactly it is being used for and why not
> > something like CRC is used which is less complex in comparison to MD5.
> >
> > Thanks,
> > Preetika
> >
> >