Date: Mon, 3 Dec 2007 15:44:12 +1100 From: Norberto Meijome <freebsd@meijome.net> To: freebsd-security@freebsd.org Subject: MD5 Collisions... Message-ID: <20071203154412.461d0faf@meijome.net>
next in thread | raw e-mail | index | archive | help
Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the nature of finding ``collisions'' -- that is, multiple inputs which hash to the same value; it is still unlikely for an attacker to be able to determine the exact original input given a hash value. " Cheers, B _________________________ {Beto|Norberto|Numard} Meijome If you find a solution and become attached to it, the solution may become your next problem. I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071203154412.461d0faf>