±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36296
New Yesterday: 2 Visitors: 139

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

SuperImager by mediaclone Issues

Discussion of forensic workstations, write blockers, bridges, adapters, disk duplicators, storage etc. Strictly no advertising of commercial products, please.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2 
  

jaclaz
Senior Member
 

Re: SuperImager by mediaclone Issues

Post Posted: Jun 27, 14 13:02

- ekohavi

Also MD5 is an old and breakable algorithm, and replaced by SHA-1 long time ago.


Oh, noes, not again. Sad

It is possible to create a MD5 collision.

As such MD5 is not "secure".

But how probable it is that a MD5 collision happens "by chance"?

So low that the Heart of Gold could travel to end of universe and back with it fed to the improbability drive.

The fact that finding a collision is possible does not mean that is not a good validating hash for an image.

- ekohavi

To achieve a high capture speed with this unit use the SHA-1, SHA-2 algorithm. (for example run HASH verify SHA-1 on SanDisk ExtremeII 128GB measured 31.3 GB/min or run HASH verify on 1TB WD Blue measured 10.1GB/min. If you run HASH verify on those hard drives with MD5, you will get half of this speed).

That should be an issue with the way the algorithms are implemented specifically, as tests around tend to result in MD5 being faster, either only slightly or much.


jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

ekohavi
Newbie
 

Re: SuperImager by mediaclone Issues

Post Posted: Jun 27, 14 19:04

u are right.
MD5 can still be used as authentication.
thank u  
 
  

Bulldawg
Senior Member
 

Re: SuperImager by mediaclone Issues

Post Posted: Jun 27, 14 19:08

I'm guessing here, but it's possible there's a co-processor dedicated to SHA-1 hashing, and an MD5 hash has to use the general-purpose processor in the device. If you've got one of these, it sounds like you should hash with SHA-1.

Ditto on MD5 being perfectly acceptable for this purpose.  
 
  

raydenvm
Member
 

Re: SuperImager by mediaclone Issues

Post Posted: Jun 27, 14 19:16

MD5 calculation is lighter and faster on any modern CPU than SHA-1. There are many tests over the Web confirming this fact.

I suppose SuperImager just has some implementation problems of MD5 support at higher speed.
_________________
Vitaliy Mokosiy
CTO
Atola Technology 
 
  

Bulldawg
Senior Member
 

Re: SuperImager by mediaclone Issues

Post Posted: Jun 27, 14 19:52

- raydenvm
MD5 calculation is lighter and faster on any modern CPU than SHA-1. There are many tests over the Web confirming this fact.

I suppose SuperImager just has some implementation problems of MD5 support at higher speed.


Absolutely agree if we're assuming the same general-purpose CPU is used. What I'm speculating is that this imaging device has a co-processor that is dedicated to calculating the SHA-1 hash. Perhaps this one:
www.maximintegrated.co...S2460.html  
 
  

ekohavi
Newbie
 

Re: SuperImager by mediaclone Issues

Post Posted: Jun 28, 14 10:00

Hi guys
There is no issue with implementing MD5 on SuperImager unit.
MD5 HASH still can run at 15GB/min on SSD and it is a little far from Ditto that was mention in this thread.
It is very simple: SuperImager take advantage of the Intel SHA-1 Optimizer for i5//i7 and achieve those high speed performances.
In most of the time (include Guidance Software that support SHA-1) user has a choice to chose the HASH mechanism, so he can take advantage of the high speed of SHA-1.
that is all.
thank u  
 

Page 2 of 2
Page Previous  1, 2