Re: Report of collision-generation with MD5

• Previous message: mario.lobo_at_ipad.com.br: "Re: Report of collision-generation with MD5"
• In reply to: Mike Tancsa: "Re: Report of collision-generation with MD5"
• Next in thread: guy_at_device.dyndns.org: "Re: Report of collision-generation with MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 18 Aug 2004 21:35:44 +0100
To: Mike Tancsa <mike@sentex.net>

On Wed, Aug 18, 2004 at 02:21:18PM -0400, Mike Tancsa wrote:
> At 01:58 PM 18/08/2004, Peter C. Lai wrote:
> >Well while collisions are cryptographically significant, they don't
> >necessarily impact any operational security of the the hash. (Since the
> >collision merely means that there are possibly two inputs which will hash
> >to
> >the same digest).
>
>
> As I have no crypto background to evaluate some of the (potentially wild
> and erroneous) claims being made in the popular press* (eg
> http://news.com.com/2100-1002_3-5313655.html see quote below), one thing
> that comes to mind is the safety of ports. If someone can pad an archive
> to come up with the same MD5 hash, this would challenge the security of the
> FreeBSD ports system no ?
>
> * "MD5's flaws that have been identified in the past few days mean that an
> attacker can generate one hash collision in a few hours on a standard PC.
> To write a specific back door and cloak it with the same hash collision may
> be much more time intensive. "

At least the SHA-1 hash is still considered secure, and there's a
whole series of SHA-nnn functions beyond that. I believe SHA-1 is
already used implicitly by FreeBSD as the standard hash function used
by gnupg(1) when digitally signing security alerts. Various SHA
hashes are already given in a few ports distinfo files -- eg
sysutils/coreutils, net/fping, misc/less -- although there seems to be
no support in bsd.port.mk for checking anything other than MD5 as yet.

I can't see any justification for giving up on MD5 just yet, but
should the need eventually arise switching the ports over to an
alternative hashing algorithm could be done relatively quickly.

        Cheers,

        Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

• application/pgp-signature attachment: stored

• Previous message: mario.lobo_at_ipad.com.br: "Re: Report of collision-generation with MD5"
• In reply to: Mike Tancsa: "Re: Report of collision-generation with MD5"
• Next in thread: guy_at_device.dyndns.org: "Re: Report of collision-generation with MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]