EMULAB Forum

clrmamepro [English] => clrmame Discussion => Topic started by: wertercatt on 26 October 2017, 01:36

Title: [REQUEST] Support a Cryptographic Secure Checksum Algorithm
Post by: wertercatt on 26 October 2017, 01:36

Currently, clrmamepro only supports CRC32, MD5, and SHA-1 checksums in its DATfiles. CRC32 is obviously bad for file integrity due to how easy collisions are. MD5 collisions have been known to be possible since 2005 (see http://www.mscs.dal.ca/~selinger/md5collision/ (http://www.mscs.dal.ca/~selinger/md5collision/).) So, SHA-1 would be our only hope for a cryptographically secure checksum to use in clrmamepro DATs, if we want to make sure that a corrupt DATed file is detected... if an SHA-1 collision hadn't already been found. Whoops. (see http://shattered.io/ (http://shattered.io/))

Because all three of the checksum functions supported in clrmamepro have the possibility of hash collisions, I believe a new secure checksum function should be implemented so DAT creators can take advantage of it for preserving files. I would like to request that support for the SHA-2 (SHA-256, and SHA-512) and SHA-3 (SHA3-256, and SHA3-512) families of functions be added to clrmamepro. This will bring its checksum support up to speed with current cryptographic knowledge and increase the ability of DAT'd romsets to be preserved.

Title: Re: [REQUEST] Support a Cryptographic Secure Checksum Algorithm
Post by: oxyandy on 26 October 2017, 03:56

There are plenty of dats which have crc32, md5 & sha1
You will never have a collision of all 3 in a 'faked file'
so isn't it already secure enough ?
You tell me... :)

Title: Re: [REQUEST] Support a Cryptographic Secure Checksum Algorithm
Post by: Roman on 26 October 2017, 07:07

"On 23 February 2017, Google announced the SHAttered attack, in which they generated two different PDF files with the same SHA-1 hash in roughly 263.1 SHA-1 evaluations. This attack is about 100,000 times faster than brute forcing a SHA-1 collision with a birthday attack, which was estimated to take 280 SHA-1 evaluations. The attack required "the equivalent processing power as 6,500 years of single-CPU computations and 110 years of single-GPU computations"

This...and the fact that we use crc32 + size + sha1 will make it very unlikely that someone will fake a file for whatever reason to match all 3 attributes

and don't forget, we're mainly talking about rom files which are usually provided by the dumpers themselves which of course want a good dump. Besides of this, modification of files will end in either broken graphics/sound roms or code roms which don't run then....

To sum it up...in the MAME world, there is no need to switch to SHA512 etc....  ...and as long as MAME doesn't include a new hash you won't see it in cmpro