Report of collision-generation with MD5
Mark C. Langston
mark at bitshift.org
Wed Aug 18 10:32:38 PDT 2004
On Wed, Aug 18, 2004 at 10:25:16AM -0700, David Wolfskill wrote:
> Just got a pointer to this via ACM "TechNews Alert" for today:
>
> http://www.acm.org/technews/articles/2004-6/0818w.html#item2
>
> Seems that "... French computer scientist Antoine Joux reported on
> Aug. 12 his discovery of a flaw in the MD5 algorithm, which is often
> used with digital signatures...."
>
> There's more in the article cited above.
Worse, they suspect a possible collision in SHA1 as well.
I think we're beginning to see the possibility that entropy generation
and cryptography will never truly be secure; it's just that we can
invent complexity faster than we can explore and/or explain it, so
showstopping bugs are always lagging deployment.
I'm waiting for the first quantum crypto crack to be announced. ;)
--
Mark C. Langston GOSSiP Project Sr. Unix SysAdmin
mark at bitshift.org http://sufficiently-advanced.net mark at seti.org
Systems & Network Admin Distributed SETI Institute
http://bitshift.org E-mail Reputation http://www.seti.org
More information about the Baylisa
mailing list