Full Disclosure mailing list archives
Re: MD5 algorithm considered toxic (and harmful)
From: Paul Schmehl <pauls () utdallas edu>
Date: Sat, 01 Dec 2007 15:21:02 -0600
--On December 1, 2007 2:20:21 PM -0500 Tim <tim-security () sentinelchicken org> wrote:
because they perform risk-analysis: - what are the threats to my assets? - which role does MD5 play there? - any subsequent risk then from using it? - high priority risk? mitigating controls or risk acceptance?Don't kid yourself. Very few businesses in my experience think about this stuff when they go to use a hash. Most just use whatever hash they're used to using. I rarely see clients actually sitting down and thinking about what the application of a given hash is and what the threats are in their specific case.would you be so kind to show me a real-world attack against a VPN using MD5 hashing? ...Assuming there are no real-world attacks against your particular VPN that uses MD5, does that make it safe for the rest of us in any given application? A rather leading question IMO.
While I don't think it's time to panic, it's definitely time to begin moving to SHA-256 and stop using MD-5. FreeBSD has already done so in its ports system, although you can still use MD-5 as well. But far too many downloads still use MD-5 or **no checksum at all**, and that is a problem. While collisions in MD-5 are now proven, what I've not seen yet is the ability to alter a legitimate file or tarball yet generate the same checksum. It *is* theoretically possible, however, and the fact that collisions have been proven should be enough to begin abandoning its use IMO. Paul Schmehl (pauls () utdallas edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- MD5 algorithm considered toxic (and harmful) Kristian Erik Hermansen (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Steven Adair (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) James Matthews (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Enno Rey (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Tim (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Paul Schmehl (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) James Matthews (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Steven Adair (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Kristian Erik Hermansen (Dec 01)