MD5 Collisions...
- From: Norberto Meijome <freebsd@xxxxxxxxxxx>
- Date: Mon, 3 Dec 2007 15:44:12 +1100
Hi everyone,
Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ .
should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? :
"
MD5 has not yet (2001-09-03) been broken, but sufficient attacks have
been made that its security is in some doubt. The attacks on MD5 are in
the nature of finding ``collisions'' -- that is, multiple inputs which
hash to the same value; it is still unlikely for an attacker to be able
to determine the exact original input given a hash value.
"
Cheers,
B
_________________________
{Beto|Norberto|Numard} Meijome
If you find a solution and become attached to it, the solution may become your next problem.
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: MD5 Collisions...
- From: Colin Percival
- Re: MD5 Collisions...
- From: Iang
- Re: MD5 Collisions...
- From: jason
- Re: MD5 Collisions...
- From: Mohacsi Janos
- Re: MD5 Collisions...
- Prev by Date: Re: Setting SSH timeout
- Next by Date: Re: MD5 Collisions...
- Previous by thread: Setting SSH timeout
- Next by thread: Re: MD5 Collisions...
- Index(es):
Relevant Pages
|
|
