Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Hashes,File protection,etc

From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Oct 2002 11:46:08 -0400
On Mon, 14 Oct 2002 17:04:37 EDT, Tony said:


Does anyone have a reference/link to any well known md5 vulnerabilities.
I remeber reading something about them awhile back but couldn't google 
up anything. Also , are there any arguements *against* using md5? Should
persons be using sha1 instead ?


As far as I know, nobody has managed to produce an actual MD5 hash collision.
Unless there's a *really major* break, which would be Big News, the resources
needed to exploit md5 itself are *waaay* past any that any attacker might have
access to.  The *BIG* vulnerability is the same as it's always been - if the
attacker can replace the foobar.tar.gz file with a trojaned copy, they can
replace the plaintext file that has the checksums in it too.  A bigger worry
is that people won't even bother checking - a little birdie told me that the
recent Sendmail trojan was out there for a week mostly because *nobody bothered
checking the md5sum*.

Bottom line - given current state-of-the-art, even *IF* there exists somebody who
can actually exploit MD5 itself, it would be much easier for them to arrange
things so you were comparing the trojaned file against a trojaned checksum....
-- 
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: