#13 Small Identical text files fail to match with the -d

[Vernon L McCandlish]

Small identical text files with matching MD5SUM and SDDEEP results do not match. While SSDEEP alerts that it did not process files large enough to provide meaningful results, it returns a result of 46% even though both hashes are identical:

$ ssdeep -V
2.9
$ md5sum *
cf94543f3021af041b3102581ef14e4a 2007000010461.txt
cf94543f3021af041b3102581ef14e4a 2007000010511.txt
$ ssdeep -b *
ssdeep,1.1--blocksize#️⃣hash,filename
3:NDv1F/MyLRPFaoN/O11X11EeENEZvQetaIsG5QvQetaIsi:l1aYR9aolO11X11HRjalGyjali,"2007000010461.txt"
3:NDv1F/MyLRPFaoN/O11X11EeENEZvQetaIsG5QvQetaIsi:l1aYR9aolO11X11HRjalGyjali,"2007000010511.txt"
ssdeep: Did not process files large enough to produce meaningful results
$ ssdeep -d *
/home/{deleted}/Labs/Test/2007000010511.txt matches /home/{deleted}/Labs/Test/2007000010461.txt (46)
ssdeep: Did not process files large enough to produce meaningful results
$ cat 2007000010461.txt
Error * Element* Error Description
-----------*----------*-------------------------------------------------
Start Date (YYYY-MM-DD): 2007-3-12, End Date (YYYY-MM-DD): 2007-3-12

[Vernon L McCandlish]

Identical text file not matching.

[Jesse Kornblum]

The ssdeep algorithm requires about 4KB of input to do fuzzy hashing. In your output there was a warning message indicating this, "ssdeep: Did not process files large enough to produce meaningful results". Try again with larger files.