Bugtraq mailing list archives
Re: MD5 To Be Considered Harmful Someday
From: Gandalf The White <gandalf () digital net>
Date: Tue, 07 Dec 2004 16:54:34 -0600
Greetings and Salutations: On 12/6/04 5:29 PM, "Dan Kaminsky" <dan () doxpara com> wrote: <snip>
Some highlights from the paper: * The attack itself is pretty limited -- essentially, we can create "doppelganger" blocks (my term) anywhere inside a file that may be swapped out, one for another, without altering the final MD5 hash. This lets us create any number of binary-inequal files with the same md5sum.
From my reading it appears that you need the original source to create the
doppelganger blocks. It also appears that given a MD5 hash you could not create a input that would give that MD5 back. Passwords encoded with MD5 would not fall prey to your discovery. Is this correct? Unfortunately when "The Press" publicized the MD5 hash discovery by Joux and Wang it almost sounded like "The Press" was surprised to find collisions in the MD5 domain (intuitive to me, a limited number of outputs and a infinite number of inputs = Collisions). I assume that a "good" hash would have a even distribution of collisions across the domain and that the larger number of bits for the output the better the hash (assuming no cryptographic algorithm errors). Thanks, Ken --------------------------------------------------------------- Do not meddle in the affairs of wizards for they are subtle and quick to anger. Ken Hollis - Gandalf The White - gandalf () digital net - O- TINLC WWW Page - http://digital.net/~gandalf/ Trace E-Mail forgery - http://digital.net/~gandalf/spamfaq.html Trolls crossposts - http://digital.net/~gandalf/trollfaq.html
Current thread:
- MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 07)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07)
- Re: MD5 To Be Considered Harmful Someday Tim (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Dragos Ruiu (Dec 08)
- Re: MD5 To Be Considered Harmful Someday David F. Skoll (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Joel Maslak (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Steve Friedl (Dec 08)
- RE: MD5 To Be Considered Harmful Someday David Schwartz (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Keith Oxenrider (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Tim (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07)