Re: Report of collision-generation with MD5
From: Borja Marcos (borjamar_at_sarenet.es)
Date: 08/19/04
- Previous message: Borja Marcos: "Re: Report of collision-generation with MD5"
- Maybe in reply to: David Wolfskill: "Report of collision-generation with MD5"
- Next in thread: George F. Costanzo: "RE: Report of collision-generation with MD5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 19 Aug 2004 11:45:50 +0200 To: Darren Reed <avalon@cairo.anu.edu.au>
> Someone I was talking to made a point of highlighting that this is
> what the Chinese Government is allowing to be published in this area
> of research. That's enough to make you wonder what they've
> discovered but not published...
There is a fine line between false sense of security and conspiranoia,
and when using *any* cryptographic system (which includes algorithms)
you must decide where to put your trust.
I think (this is a personal opinion) that such an important discovery
is really hard to keep secret. Since cryptography became a public
research area, it is quite likely for important discoveries to be
widely known.
Of course, researchers working for government agencies can keep their
discoveries secret, but bear in mind that an apparently "harmless"
Mathematics discovery can have a dramatic impact on cryptography.
Although the example is obvious, imagine an article with a title such
as: "A faster method to factorize integers constructed as the product
of two primes given the constraints...". It could have a dramatic
impact on the security of any system using the RSA algorithm.
Do you think it is so easy to filter Mathematics research reports?
This is the joy of basic research. In many cases (of course you know in
my example!) you don't really know what the practical
applications/consequences will be.
Borja.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Borja Marcos: "Re: Report of collision-generation with MD5"
- Maybe in reply to: David Wolfskill: "Report of collision-generation with MD5"
- Next in thread: George F. Costanzo: "RE: Report of collision-generation with MD5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
