Vulnerability Development mailing list archives

Re: Hashes,File protection,etc


From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Oct 2002 18:00:53 -0400

On Tue, 15 Oct 2002 18:33:56 BST, Roland Postle <mail () blazde co uk>  said:

Hmm, you took the quote and made it look like I said it. I agree with
what you say but I'll attempt to defend the original author anyway, for
the hell of it.

I was replying to the message that included headers:

Message-id: <E181SrY-00007X-00.2002-10-15-15-40-01 () mail18 svr pol co uk>
From: Roland Postle <mail () blazde co uk>
Date: Tue, 15 Oct 2002 15:39:50

Looking at the original, it wasn't clear what you wrote and what you were
citing from a URL from wiretapped.net either.  Sorry about that...

c) 17K texts is just one application of MD5. To assume 17K texts, and
then say "MD5 is secure enough" is misleading. Password hashing springs
to mind. And if you want a random collision I'd guess you shouldn't
have to hash more than around 16 bytes (128 bits) of plaintext / trial,
since this is the keylength.

True enough. So you get to knock 3 zeros off.  :)

Do you know anybody who's willing to spend 58,000 CPU years to find 2
16-byte quantities that happen to have the same hash? ;) (OK, the guys
at distributed.net might.. ;)

All of which means, with a big enough budget, you might be able to

And my point was simply that if your adversary has THAT size budget,
the fact that they can find an MD5 collision is the *LEAST* of your
problems. Your entire computer *is* Tempest-hardened, right? ;)

(For the non-crypto-geeks out there - the FBI's investigation of an
alleged mobster by the name of Scarfo got stalled when they found that
he used PGP to encrypt all the incriminating stuff.  Rather than break
the crypto, or use any of the holes in PGP that may or may not have been
known at the time, they got a court order for a black-bag job to install
a keyboard recorder to grab his passphrase.  Moral:  Even if the expert
cryptographers call an algorithm "weak", the *real* vulnerabilities are
going to be elsewhere....)

-- 
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech
