结合使用SHA1 + MD5 [英] Use a combination of SHA1+MD5

问题描述

我正在尝试使用一种安全的方法来为文件创建校验和(大于10GB！).

I'm trying use a secure way to create checksum for files (Larger than 10GB !).

SHA256对我来说足够安全，但是此算法处理成本很高，因此不适合. 我知道SHA1和MD5校验和在冲突中都是不安全的.

SHA256 is secure enough for me but this algorithm is so process expensive and it is not suitable. Well I know that both SHA1 and MD5 checksums are insecure through the collisions.

因此，我只是认为最快，最安全的方法是将MD5与SHA1结合使用，例如:SHA1 + MD5，我不认为有办法同时获得具有相同MD5和SHA1的文件(冲突).

So I just think the fastest and the safest way is combining MD5 with SHA1 like : SHA1+MD5 and I don't think there is way to get file (Collision) with the same MD5 and SHA1 both at a same time .

那么结合SHA1 + MD5进行文件校验和是否足够安全?还是有像碰撞这样的攻击?

So is combining SHA1+MD5 secure enough for file checksum? or is there any attack like collision for it ?

我以两种方式使用c#mono(Bufferstream和不使用Bufferedstream)

I use c# mono in two way (Bufferstream and without Bufferedstream)

    public static string GetChecksum(string file)
    {
        using (FileStream stream = File.OpenRead(file))
        {
            var sha = new SHA256Managed();
            byte[] checksum = sha.ComputeHash(stream);
            return BitConverter.ToString(checksum).Replace("-", String.Empty);
        }
    }

    public static string GetChecksumBuffered(Stream stream)
    {
        using (var bufferedStream = new BufferedStream(stream, 1024 * 32))
        {
            var sha = new SHA256Managed();
            byte[] checksum = sha.ComputeHash(bufferedStream);
            return BitConverter.ToString(checksum).Replace("-", String.Empty);
        }
    }

更新1: 我的意思是SHA1哈希+ MD5哈希.首先计算文件的SHA1，然后计算文件的MD5，然后将这两个字符串加在一起.

Update 1: I mean SHA1 hash + MD5 hash. First calculate SHA1 of file then calculate MD5 of file then add this two sting together.

更新2:

正如@ zaph 所述，我根据阅读的内容再次实现了我的代码(C#MONO) ://stackoverflow.com/questions/1177607/what-is-the-the-fastest-way-to-create-a-checksum-for-large-files-in-c-sharp>此处，但它没有编写我的代码的速度不如他说的那么快！它将4.6 GB文件的速度从(大约)12分钟提高到了大约8分钟.但是sha1 + md5花了我不到100秒的时间.所以我仍然认为改用SHA256是不合适的.

As @zaph mentioned I implement my code(C# MONO) again according what I read here but it doesn't make my code as fast as he said ! It makes my speed for a 4.6 GB file from (approximate) 12mins to about 8.~ mins but sha1+md5 takes me less than 100 secs for this file. So I still think it isn't right to use SHA256 instead.

推荐答案

SHA-256与MD5 + SHA1的组合之间应该只有很小的差异.

There should be only a small difference between SHA-256 and a combination of MD5+SHA1.

唯一知道的方法是进行基准测试

The only way to know is to benchmark:

在我的桌面上:
SHA-256: 200 MB/s
MD5: 470 MB/s
SHA1: 500 MB/s (updated, previously incorrect)
MD5+SHA1 240 MB/s

On my desk top:
SHA-256: 200 MB/s
MD5: 470 MB/s
SHA1: 500 MB/s (updated, previously incorrect)
MD5+SHA1 240 MB/s

这些时间仅用于散列，不包括磁盘读取时间.测试是使用1MB缓冲区完成的，平均运行10次.语言是"C"，使用的库是Apple的Common Crypto. CPU是2.8 GHz四核Intel Xeon(2010 MacPro，我的笔记本电脑更快).

These times are only for the hashing, disk read time is not included. The tests were done with a 1MB buffer and averaged over 10 runs. The language was "C" and the library used was Apple's Common Crypto. The cpu was a 2.8 GHz Quad-Core Intel Xeon (2010 MacPro, my laptop is faster).

最后，组合使用MD5 + SHA1的速度提高了23％.

In the end it is 23% faster to use the combined MD5+SHA1.

注意:大多数英特尔处理器都有可用于使加密操作更快的指令.并非所有的实现都利用这些指令.

Note: Most Intel processors have instruction that can be used to make crypto operations faster. Not all implementations utilize these instructions.

您可以尝试使用本机实现，例如 sha256sum .

YOumight try a native implementations such as sha256sum.

这篇关于结合使用SHA1 + MD5的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！