Re: Report of collision-generation with MD5

From: Mike Tancsa (mike_at_sentex.net)
Date: 08/18/04

  • Next message: Peter C. Lai: "Re: Report of collision-generation with MD5" 
    Date: Wed, 18 Aug 2004 14:21:18 -0400
To: "Peter C. Lai" <sirmoo@cowbert.net>

    At 01:58 PM 18/08/2004, Peter C. Lai wrote:
    >Well while collisions are cryptographically significant, they don't
    >necessarily impact any operational security of the the hash. (Since the
    >collision merely means that there are possibly two inputs which will hash to
    >the same digest).

    As I have no crypto background to evaluate some of the (potentially wild
    and erroneous) claims being made in the popular press* (eg
    http://news.com.com/2100-1002_3-5313655.html see quote below), one thing
    that comes to mind is the safety of ports. If someone can pad an archive
    to come up with the same MD5 hash, this would challenge the security of the
    FreeBSD ports system no ?

    * "MD5's flaws that have been identified in the past few days mean that an
    attacker can generate one hash collision in a few hours on a standard PC.
    To write a specific back door and cloak it with the same hash collision may
    be much more time intensive. "

             ---Mike

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Peter C. Lai: "Re: Report of collision-generation with MD5"

    Relevant Pages

    • Re: Two-stage hashing (pre-hash big integer -> hash-array-index)
      ... > hash value instead of the key to generate the probe sequence. ... avoid all hashes with same home index following same collision chain, ... are the same will follow exactly the same collision chain. ... computes what I call the pre-hash, the large unsigned integer, from the ...
      (comp.programming)
    • Re: Report of collision-generation with MD5
      ... Well while collisions are cryptographically significant, ... necessarily impact any operational security of the the hash. ... to be altered will satisfy the conditions for the collision. ... Yale University School of Medicine ...
      (FreeBSD-Security)
    • Re: Panama hash collision question
      ... > No hash is literally collision free. ... We synchronize database systems by forming a checksum for each record ...
      (sci.crypt)
    • Re: keys and counters
      ... how many times can the counter be incremented before there is a collision in the hash, that is what i am asking. ... A hash function operated in such a counter mode as you suggest does not have this property - if I can guess or discover the input to the first block then I will know all the other blocks. ... You might think that some attacks are unreasonable/infeasible but do you really know what is possible to the world's largest employer of mathematicians, who have had for many years the world's largest computer budget and unlimited access to 60 plus years of classified research or what is possible for any of the other multi-billion dollar "smaller" big brothers?. ...
      (sci.crypt)
    • Re: Using hash to see if objects attributes have changed
      ... Storing the entire object instead of the hash is not likely to be *that* ... If all you care about is a flag that says whether the state has changed ... stateNow = hashlib.sha1)) ... across such a collision, leading to a bug that might cause loss of data. ...
      (comp.lang.python)