Re: Report of collision-generation with MD5



On 18 Aug 2004, at 20:08, Claudiu wrote:

> hello,
>
> please explain what do you mean by "reverse the hash". Is this the 
> recreation of the originial message from its hash ?

	You cannot reverse a hash. By definition, it is a non-reversible 
mathematical function.
If you get a set of messages and apply a hash to each of them, given a 
big enogh set of messages you will find that some of them have the same 
hash. The issue is not the existence of collisions. It is obvious that 
there will be collisions. The issue is how easy or hard it is to find a 
collision.

	Imagine a very simple hash: a checksum. Given a message, M, it is 
trivial to generate another message with the same checksum. However, 
using a "cryptographically secure" hash, there is no easy method to do 
that, other than brute force.

	What researchers have discovered could lead to a shortcut, easier (and 
cheaper) to perform that a brute force search for collision finding. It 
does not mean that those digests are "broken", but indeed it means that 
they are less secure than previously thought.


	Borja.

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"