This weakness makes creating a hash collision trivial, allowing large sections to be completely altered without altering the checksum.
This method is used by Kazaa, and is exploited by the RIAA to corrupt downloads whenever possible.
UUHash hashes the first 300 kilobytes of the file using MD5, then applies a custom smallhash function to 300 KB blocks at file offsets of 2^n MB, with n an integer incremented from 0 until the offset reaches the end of the file. Finally, the last 300 KB of the file are hashed. If the last 300 KB of the file overlap the last block of the 2^n sequence, that block is ignored in favor of the file-end block.
So, for example:
The 128-bit MD5 hash and the 32-bit smallhash are then concatenated, yielding the 160-bit hash used to identify files on the FastTrack network.
The name UUHash is an unfortunate choice and derives from the sig2dat utility which creates URLs referencing files on Kazaa.
These URLs are of the form:
sig2dat://|File: surprise.mp3|Length:5845871Bytes|UUHash:=1LDYkHDl65OprVz37xN1VSo9b00=

Leaving aside the fact that the URL format does not conform to any RFC, it is clear that UUHash refers to the encoding (in BASE64) of the hash and not the hash itself.
The actual hash used on the FastTrack network is a concatenation of the 128-bit MD5 of the first 300 KB of the file and a sparse 32-bit smallhash calculated in the way described above. The resulting 160 bits, when encoded using BASE64, become the UUHash.
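The sampling scheme and the 160-bit layout described above can be made concrete with a short script. This is an added example, not FastTrack or sig2dat code: it lists the byte ranges that feed the hash for a given file size and splits the Base64 value from the URL above into its MD5 and smallhash parts. It assumes KB = 1024 bytes, MB = 1024 KB, and that a block running past the end of the file is cut off there; the smallhash function itself is not implemented because the page does not define it.

```python
import base64

KB = 1024            # assumption: the page's "KB" means 1024 bytes
MB = 1024 * KB       # assumption: "MB" means 1024 KB
CHUNK = 300 * KB

def sampled_ranges(size):
    """Byte ranges (start, end) that feed the hash for a file of `size` bytes."""
    ranges = [(0, min(CHUNK, size))]            # MD5 part: first 300 KB
    if size <= CHUNK:
        return ranges
    end_block = (size - CHUNK, size)            # last 300 KB of the file
    blocks, offset = [], MB                     # smallhash blocks at 2^n MB
    while offset < size:
        blocks.append((offset, min(offset + CHUNK, size)))
        offset *= 2
    if blocks and blocks[-1][1] > end_block[0]:
        blocks.pop()                            # overlaps the file end: ignored
    return ranges + blocks + [end_block]

def covered_bytes(size):
    """Count distinct bytes inside the sampled ranges (overlaps counted once)."""
    total = last_end = 0
    for start, end in sorted(sampled_ranges(size)):
        start = max(start, last_end)
        if end > start:
            total += end - start
            last_end = end
    return total

def split_uuhash(b64):
    """Split a Base64 UUHash into (MD5 part, smallhash part)."""
    raw = base64.b64decode(b64)
    if len(raw) != 20:
        raise ValueError("expected 160 bits, got %d" % (len(raw) * 8))
    return raw[:16], raw[16:]

if __name__ == "__main__":
    size = 5845871                              # Length field from the URL above
    for start, end in sampled_ranges(size):
        print("hashed: bytes %d-%d" % (start, end - 1))
    print("coverage: %.1f%%" % (100 * covered_bytes(size) / size))
    md5_part, small_part = split_uuhash("1LDYkHDl65OprVz37xN1VSo9b00=")
    print("MD5 part:", md5_part.hex(), "smallhash part:", small_part.hex())
```

For the 5,845,871-byte file in the URL, five 300 KB ranges are sampled, so roughly a quarter of the file feeds the hash; detecting changes elsewhere requires a digest computed over every byte.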