Hash and salt collision

Question

I remember a guy telling me that if I let him change 4 bytes he can make a file have any checksum he wants (CRC-32).

I heard mention of salting a hash. I am wonderin

Answer 1

You are mixing up two different uses of hash values:

• Checksumming for guarding against random (non-malicious) errors.

• Computing cryptographical message digests for storing passwords, signing messages, certificates ...

CRCs are a good choice for the first application, but totally unsuited for the second, because it is easy to compute a collision (in math-speak: CRCs are linear). This is what your friend is essentially telling you.

MD5 and SHA1 are cryptographic hashes intended for the second kind of application. However, MD5 has been cracked and SHA1 is considered weak these days. Still, even though MD5 can be cracked it takes a long time to find MD5 collisions (days to weeks).

As for salt, it makes the computation of the cryptographic hash local by mixing in some random non-secret value, this value is called the salt. This prevents computing global tables which make it easy to compute possible values (e.g. passwords) from the hash value. The computation of the tables is extremely expensive, but without salt the cost would be amortized over many cracked passwords.