Re: MD5 Collisions...

On Tue, 04 Dec 2007 13:43:39 +0100
Iang <iang@iang.org> wrote:

> Perhaps, 1st two paras:
> 
> 
> ==============
> Md5 is a cryptographic message digest algorithm.  It takes 
> as input a message of arbitrary length and produces as 
> output a 128-bit ``fingerprint'' or ``digest'' of the input. 
>   Such algorithms are intended for applications where a 
> large file must be ``compressed'' in a secure manner, 
> suitable as a digital signature or as an input to a 
> public-key cryptosystem for digital signature or encryption 
> purposes.
> 
> MD5 is no longer recommended as a cryptographic message 
> digest algorithm, although it functions very well as a big 
> checksum.  It is now feasible (2004) to produce two messages 
> having the same MD5 message digest (``collision'' attack), 
> and attacks of this nature are getting better and faster. 
> It is still conjectured to be computationally infeasible 
> (2007) to produce any message having a given prespecified 
> target message digest (``preimage'' attack).
> ==============
> 
> 
> 
> It's worth checking carefully ... discussing the minutiae of 
> cryptographic algorithms is like angels dancing on a pin.

thanks Iang - looks good to me.

btw, i just checked man 3 md5 , and it may need updating - it refers to 1999..
"
 MD5 has not yet (1999-02-11) been broken, but sufficient attacks
     have been made that its security is in some doubt....
"
B

_________________________
{Beto|Norberto|Numard} Meijome

Commitment is active, not passive. Commitment is doing whatever you can to
bring about the desired result. Anything less is half-hearted.

I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"