Vulnerability Development mailing list archives
Re: Hashes,File protection,etc
From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Oct 2002 18:00:53 -0400
On Tue, 15 Oct 2002 18:33:56 BST, Roland Postle <mail () blazde co uk> said:
Hmm, you took the quote and made it look like I said it. I agree with what you say but I'll attempt to defend the original author anyway, for the hell of it.
I was replying to the message that included headers:
Message-id: <E181SrY-00007X-00.2002-10-15-15-40-01 () mail18 svr pol co uk>
From: Roland Postle <mail () blazde co uk>
Date: Tue, 15 Oct 2002 15:39:50
Looking at the original, it wasn't clear what you wrote and what you were citing from a URL from wiretapped.net either. Sorry about that...
c) 17K texts is just one application of MD5. To assume 17K texts, and then say "MD5 is secure enough" is misleading. Password hashing springs to mind. And if you want a random collision I'd guess you shouldn't have to hash more than around 16 bytes (128 bits) of plaintext / trial, since this is the keylength.
True enough. So you get to knock 3 zeros off. :) Do you know anybody who's willing to spend 58,000 CPU years to find 2 16-byte quantities that happen to have the same hash? ;) (OK, the guys at distributed.net might.. ;)
All of which means, with a big enough budget, you might be able to
And my point was simply that if your adversary has THAT size budget, the fact that they can find an MD5 collision is the *LEAST* of your problems. Your entire computer *is* Tempest-hardened, right? ;)
(For the non-crypto-geeks out there - the FBI's investigation of an alleged mobster by the name of Scarfo got stalled when they found that he used PGP to encrypt all the incriminating stuff. Rather than break the crypto, or use any of the holes in PGP that may or may not have been known at the time, they got a court order for a black-bag job to install a keyboard recorder to grab his passphrase. Moral: Even if the expert cryptographers call an algorithm "weak", the *real* vulnerabilities are going to be elsewhere....)
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech