Date: Mon, 03 Dec 2007 20:25:38 -0800 From: Colin Percival <cperciva@freebsd.org> To: Norberto Meijome <freebsd@meijome.net> Cc: freebsd-security@freebsd.org Subject: Re: MD5 Collisions... Message-ID: <4754D6C2.3030005@freebsd.org> In-Reply-To: <20071203154412.461d0faf@meijome.net>
index | next in thread | previous in thread | raw e-mail
Norberto Meijome wrote: > should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : > > " > MD5 has not yet (2001-09-03) been broken, but sufficient attacks have > been made that its security is in some doubt. The attacks on MD5 are in > the nature of finding ``collisions'' -- that is, multiple inputs which > hash to the same value; it is still unlikely for an attacker to be able > to determine the exact original input given a hash value. > " I fail to see how the man page is incorrect here. What do you think it should be saying instead? Colin Percival FreeBSD Security Officerhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4754D6C2.3030005>