7-Zip / Discussion / Open Discussion: MD5 (and SHA3) signature

MD5 (and SHA3) signature

Forum: Open Discussion

Creator: efa

Created: 2021-06-09

Updated: 2021-06-09

efa - 2021-06-09

RFE: Windows Explorer file manager, file context menu, rename from "CRC SHA" to "Signatures", and add MD5 (and SHA-512/256 and SHA-3) to it:

CRC-32
CRC-64
MD5
SHA-1
SHA-256
SHA-512
SHA-512/256
SHA3-256
BLAKE2sp (currently missing in the context menu, got only with )
BLAKE3

I know MD5 signature was already asked many times, and the signature is broken for malicious collision files:
https://en.wikipedia.org/wiki/MD5#Collision_vulnerabilities
but I want to retry the RFE as for normal day use can still be useful.
I saw that more or less also recent signatures has collisions or length extension attack trouble:
https://en.wikipedia.org/wiki/SHA-2#Comparison_of_SHA_functions
Many web site still used MD5 instead of SHA-256, and for big files (> 1 GB), the compute times of SHA-256 and recent signatures can be really more (50 to 100% more) than MD5, and much of the time users do not have to deal with malicius attack, but need to check if a file on flashUSB stick was written correctly.
So old signature like MD5 have a meaning in that area.

Also please add SHA-512/256, SHA3-256 and BLAKE3 where users need resistance to malicious attacks

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.