Dataman Vali-Flash 4.1 User Manual
Page 18
- 18 -
Q: What changes the Vali-Flash signature?
A: If the data changes, then the signatures change. Anytime the data is different, it will produce a different CRC32
and SHA1. Keep in mind that the Dataman CRC32 is not as secure as the SHA1 in terms of data tampering. The
CRC32 is reasonably secure. However, just be aware that there are ways of tampering with data while keeping the
CRC32 signature the same. Vali-Flash keeps these signatures in a database and matches the SHA1 and CRC32. This is
extremely secure.
Q: Could you please confirm that we could use Vali-Flash to burn an image of the same size (e.g. 29KB) to
CF's with various raw sizes (e.g. 32MB, 64MB, 128MB), and different manufacturers (e.g. Hitachi,
Toshiba), and that Vali-Flash after that would create the same signature for these CF's.
A: Vali-Flash will 100% definitely NOT create the same signature with different data sizes. It doesn't matter who
makes the card, what matters is the size of the card. These cards are completely read for security reasons. For
example, offset data could pose a security risk. The entire card is checked, including slack space and everything. So
the signature is very dependent on the data. Think of the signature as a unique fingerprint of that data. If altered or
changed the signature will change.
Now this is not a problem. When you create resized images you can use a game name that is specific to that card.
Something like "Game Sample Hitachi-128MB-China" can be the game name or "Game Sample 1", "Game Sample 2",
etc. Then when you validate this card it will pull up that specific record ("Game Sample Hitachi-128MB-China"). You
can have as many of these as you want, all you have to do is put some forethought in the naming methodology. There
is no reduction of security at all, with the added benefit of being able to use cards off the shelf. If the cards are
altered or changed or go bad, they will still produce a completely unknown signature.
We do have another product that does not check "meta-data". It only checks the files. This product is called Vali-File.
Q: If you create resized images of the same original data, is there any way to know that the original data
is the same on those different images, and that the original data is just put onto different sized CF's?
A: No. Not currently. A SHA1/CRC32 is calculated for that card in full. A resized image is just the base image +
padded (all zeros) data to the end until the end of the drive. This obviously changes the signature, if the data size is
different.
Q: The Vali-Flash program generated a CRC32 of 399FCU6F. As I understand, it generates a CRC32 a 32
bit hex value. 'U' is not a hex value [0-F]. For which number does 'U' stand for? Does it stand for '0'?
A: The CRC32 is actually a Dataman CRC32. The Dataman CRC-32 algorithm is proprietary to Dataman. The
calculated signature has similar properties to that of the CRC-32 algorithm, which is used to identify data corruption.
All Dataman validators will produce the Dataman CRC-32 signature.
Now the SHA1 is a standard SHA1 algorithm. The SHA-1 hash algorithm refers to a published standard; please see the
Secure Hash Standard, in the Federal Information Processing Standards Publication 180-1. This publication is available
at
So the 'U' actually stands for a 'U'. This is the same for Vali-File, the Dataman S4 Validator and Dataman Vali-Flash.
Q: Does a different 'created' timestamp of a file change the Vali-Flash signature?
Q: Does a different 'modified' timestamp change the Vali-Flash signature?
Q: Does a different 'accessed' timestamp change the Vali-Flash signature?
Q: Does a different 'created' timestamp of a folder change the Vali-Flash signature?
A: With Vali-Flash, the entire card is validated. If any data changes, the signature will change. The created timestamp
is part of the file system. If any part of the file system changes, then the signature will also change.
Folders, files, attributes, metadata, slack space, etc. is all included in the raw data. If any part of this changes then
the signature will not match.
Q: Does the order of the files change the Vali-Flash signature?
A: Yes. Files are not looked at. The raw data is analyzed.
Q: I would also like to know what actions change the Vali-Flash signature?
A: Anything that changes the raw actual data on a CompactFlash card would change the signatures.