Date: Mon, 3 Dec 2007 15:44:12 +1100 From: Norberto Meijome <freebsd@meijome.net> To: freebsd-security@freebsd.org Subject: MD5 Collisions... Message-ID: <20071203154412.461d0faf@meijome.net>
index | next in thread | raw e-mail
Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the nature of finding ``collisions'' -- that is, multiple inputs which hash to the same value; it is still unlikely for an attacker to be able to determine the exact original input given a hash value. " Cheers, B _________________________ {Beto|Norberto|Numard} Meijome If you find a solution and become attached to it, the solution may become your next problem. I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071203154412.461d0faf>