MD5 Collisions...

Hi everyone,

Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ .

should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? :

"     
MD5 has not yet (2001-09-03) been broken, but sufficient attacks have
     been made that its security is in some doubt.  The attacks on MD5 are in
     the nature of finding ``collisions'' -- that is, multiple inputs which
     hash to the same value; it is still unlikely for an attacker to be able
     to determine the exact original input given a hash value.
"

Cheers,
B
_________________________
{Beto|Norberto|Numard} Meijome

If you find a solution and become attached to it, the solution may become your next problem.

I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"