Report of collision-generation with MD5
Roy S. Rapoport
rsr at inorganic.org
Wed Aug 18 11:12:35 PDT 2004
On Wed, Aug 18, 2004 at 10:32:38AM -0700, Mark C. Langston wrote:
> I think we're beginning to see the possibility that entropy generation
> and cryptography will never truly be secure; it's just that we can
> invent complexity faster than we can explore and/or explain it, so
> showstopping bugs are always lagging deployment.
I thought the word we were looking for was "sufficiently secure"? My
impression was that the goal of security algorithms was to make it so the
job of unlocking the door was hugely more complex than the job of locking
it. In other words, it's always a race against time for sufficiently large
values of 'time'.
I'll note that I remember reading from some text in the early 90's that
512-bit keys were going to be around for a long while. The RSA challenge
has factored a 576-bit number now. And that's just with public computing
systems.
-roy
More information about the Baylisa
mailing list