Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

EMC Defends Centera's Integrity

EMC Corp. (NYSE: EMC) says the authenticity of records stored on Centera systems has not been compromised by recently publicized flaws in the MD5 algorithm. That's the method EMC's content addressable system (CAS) uses to create digital signatures (see EMC Enhances Centera and EMC Preps Centera).

Researchers from China, France, and Israel presented findings last week at the Crypto 2004 conference in Santa Barbara, Calif., that showed MD5 could be easily cracked. Network Appliance Inc. (Nasdaq: NTAP) charged via email that the data of any storage system that relies on MD5 is at risk -- specifically, EMC's Centera.

EMC, however, says the biggest flaw is in the way NetApp has spun the findings.

EMC emphatically disputes the spreading of FUD around our Centera product and the idea that a security flaw puts data at risk for duplication, corruption, or any malicious changes,” an EMC spokesman said today.

The MD5 algorithm is used for digital signature applications, in which a large file must be securely compressed before it is encrypted with a private key. MD5 underlies Centera’s single-instance storage capability, which reduces storage overhead by storing only one copy of a file with a unique content address. Pointers are used for subsequent copies of the same record.

  • 1