From owner-freebsd-security Fri Jun 7 18:24:32 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA14195 for security-outgoing; Fri, 7 Jun 1996 18:24:32 -0700 (PDT)
Received: from critter.tfs.com ([140.145.16.108]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id SAA14184; Fri, 7 Jun 1996 18:24:26 -0700 (PDT)
Received: from critter.tfs.com (localhost [127.0.0.1]) by critter.tfs.com (8.7.5/8.7.3) with ESMTP id SAA01263; Fri, 7 Jun 1996 18:23:57 -0700 (PDT)
To: Steve Reid
cc: freebsd-security@freebsd.org
Subject: Re: MD5 broken
In-reply-to: Your message of "Fri, 07 Jun 1996 17:05:25 PDT."
Date: Fri, 07 Jun 1996 18:23:56 -0700
Message-ID: <1261.834197036@critter.tfs.com>
From: Poul-Henning Kamp
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In message , Steve
>Sorry if I'm digging up a dead topic, but is everyone here aware that MD5
>has been broken?
>
>About a month ago, Hans Dobbertin showed that he could generate MD5
>collisions in just 10 hours on a Pentium PC.

Let's not get unduly worried here.

He has not generated "MD5 collisions". He has generated
"MD5 >pseudo< collisions".

He is using a different initial buffer than the one used in MD5, and
argues that he then has exposed a weakness in MD5. He may have. Could be.
It's not that interesting.

"Hey, if I substitute sugar for sand when I make a window it's much
easier to break the glass."

You think the insurance people care?

Until somebody comes up with a way of solving A = MD5(X) for some given
value of A then you don't need to worry too much.

Poul-Henning

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.