Date: Tue, 4 Dec 2007 06:27:54 -0800 (PST) From: Roger Marquis <marquis@roble.com> To: freebsd-security@freebsd.org Subject: Re: MD5 Collisions... Message-ID: <20071204142754.2F6362B228A@mx5.roble.com> In-Reply-To: <20071204120020.2CCA416A469@hub.freebsd.org> References: <20071204120020.2CCA416A469@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Colin Percival wrote: >> MD5 has not yet (2001-09-03) been broken, but sufficient attacks have >> been made that its security is in some doubt. The attacks on MD5 are in >> the nature of finding ``collisions'' -- that is, multiple inputs which >> hash to the same value; it is still unlikely for an attacker to be able >> to determine the exact original input given a hash value. >> " > > I fail to see how the man page is incorrect here. What do you think it should > be saying instead? I would drop the statement altogether since it is not accurate for MD5 signatures of binary packages and tarballs. At the very least define the specific scenarios under which MD5 can be broken and drop the "its security is in some doubt" claim. Vague statements about crypto are worse than none at all. -- Roger Marquis
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071204142754.2F6362B228A>