Security Incidents mailing list archives
Re: Generic checksums (MD5 DB)
From: kluegel () LANL GOV (Thomas J. Kluegel)
Date: Tue, 21 Mar 2000 13:33:42 -0700
Pool our tripwire databases together??? I'd like to see if some kids figure out a way to make their rootkit'ed version fit _one_ of the "ok" MD5's - random chance? :-{ Cheers, Filip G.
MD5 is 128-bits, and there's no publicly known way to forge a file that has a given MD5 value. Its exceedingly improbable that two given files would accidently have the same MD5 values. Also, its computationally too expensive to attack via brute force. The only hope for cracking such a thing is for someone to make a mathematical breakthrough that enables forging with a computationally feasible effort. At this time, I think MD5 is safe. -- Tom Kluegel Los Alamos National Laboratory Los Alamos, New Mexico, USA
Current thread:
- Generic checksums (MD5 DB) Ville (Mar 17)
- 8 hours of pinging Jim Lindstrom (Mar 20)
- Re: 8 hours of pinging Rick Ballard (Mar 21)
- Re: 8 hours of pinging Robert Graham (Mar 21)
- Re: 8 hours of pinging Bob Fayne (Mar 22)
- Re: 8 hours of pinging Jim Lindstrom (Mar 22)
- 8 hours of pinging Foley, Michael P (Mar 22)
- Re: 8 hours of pinging Mike A. Harris (Mar 24)
- Re: Generic checksums (MD5 DB) Filip M. Gieszczykiewicz (Mar 20)
- <Possible follow-ups>
- Re: Generic checksums (MD5 DB) Jon Burdge (Mar 21)
- Re: Generic checksums (MD5 DB) Thomas J. Kluegel (Mar 21)
- 8 hours of pinging Jim Lindstrom (Mar 20)