MD5 Collisions...
Norberto Meijome
freebsd at meijome.net
Sun Dec 2 21:10:59 PST 2007
Hi everyone,
Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ .
should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? :
"
MD5 has not yet (2001-09-03) been broken, but sufficient attacks have
been made that its security is in some doubt. The attacks on MD5 are in
the nature of finding ``collisions'' -- that is, multiple inputs which
hash to the same value; it is still unlikely for an attacker to be able
to determine the exact original input given a hash value.
"
Cheers,
B
_________________________
{Beto|Norberto|Numard} Meijome
If you find a solution and become attached to it, the solution may become your next problem.
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
More information about the freebsd-security
mailing list