[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] MD5 is broken
|
From: |
Matthew Dempsky |
|
Subject: |
Re: [Gnu-arch-users] MD5 is broken |
|
Date: |
Tue, 15 Mar 2005 22:40:55 -0600 |
On Tue, 2005-03-15 at 20:03 +0600, Ivan Boldyrev wrote:
> Arch uses MD5 internally. But MD5 is not weak hash function, it was
> attacked many times, and recently first practical attack was created:
That attack you cite is just at finding two documents that have the same
collision, which isn't a very useful attack against an arch archive. If
someone finds a second pre-image attack against md5, then arch will be
in trouble (but so will just about anything else).
> GNU Arch must move away from MD5 ASAP.
You're right, arch /does/ need to switch to something more secure
eventually, but please don't spread FUD exaggerating the consequences of
this most recent finding.
--
Matthew Dempsky <address@hidden>
signature.asc
Description: This is a digitally signed message part
- [Gnu-arch-users] MD5 is broken, Ivan Boldyrev, 2005/03/15
- Re: [Gnu-arch-users] MD5 is broken,
Matthew Dempsky <=
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Jan Hudec, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Matthew Dempsky, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16