Access your Pro+ Content below.
New CAS players avoid hash lock-in
This article is part of the Vol. 5 No. 6 August 2006 issue of Storage magazine
IN 2004, cryptographic researchers announced they had discovered a flaw in the popular MD5 hashing algorithm that allowed it to be "cracked" in a matter of hours. Questions were immediately raised about Centera, EMC's archiving platform that relied on MD5 to create a "content address" of an object to ensure its authenticity. Whether or not the MD5 crack means anything to Centera customers is a matter of opinion. First of all, Centera no longer uses MD5, but a proprietary version of SHA-256. Even so, it would be exceedingly difficult for someone to take advantage of the MD5 vulnerability and, say, remove incriminating evidence stored on a Centera. But from a compliance standpoint, the algorithm used to create a content address must be unassailable, says Paul Carpentier, CTO at Caringo, an Austin, TX-based content-addressed storage (CAS) startup. "As it stands, an expert today cannot say 'Beyond a shadow of a doubt, this is the original document.'" It should come as no surprise, therefore, that newcomers to the CAS space have been...
Access this Pro+ Content for Free!