Report of collision-generation with MD5

[Claudiu]

hello,

please explain what do you mean by "reverse the hash". Is this the 
recreation of the originial message from its hash ?

With respect,



Peter C. Lai wrote:
> Well while collisions are cryptographically significant, they don't
> necessarily impact any operational security of the the hash. (Since the
> collision merely means that there are possibly two inputs which will hash to 
> the same digest). Where this could theoretically mean that someone could 
> alter a signed message, we have to look at the chance that what was intended
> to be altered will satisfy the conditions for the collision. The only 'real'
> worry about this issue is that if MD5 is already cryptographically challenged
> in this manner, it may be more possible to find a way to reverse the hash.
> 
> You can read the discussion here:
> http://www.rtfm.com/movabletype/archives/2004_08.html#001053
> http://www.rtfm.com/movabletype/archives/2004_03.html#000820
> 
> On Wed, Aug 18, 2004 at 10:24:27AM -0700, David Wolfskill wrote:
> 
>>Just got a pointer to this via ACM "TechNews Alert" for today:
>>
>>http://www.acm.org/technews/articles/2004-6/0818w.html#item2
>>
>>Seems that "... French computer scientist Antoine Joux reported on
>>Aug. 12 his discovery of a flaw in the MD5 algorithm, which is often
>>used with digital signatures...."
>>
>>There's more in the article cited above.
>>
>>Peace,
>>david
>>-- 
>>David H. Wolfskill				david at catwhisker.org
>>Evidence of curmudgeonliness:  becoming irritated with the usage of the
>>word "speed" in contexts referring to quantification of network
>>performance, as opposed to "bandwidth" or "latency."
>>_______________________________________________
>>freebsd-security at freebsd.org mailing list
>>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>>To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
> 
> 


-- 
Claudiu Dragalina-Paraipan
e-mail: dr.clau at rdslink.ro