gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: MD5 is broken

From: Andrew Suffield
Subject: Re: [Gnu-arch-users] Re: MD5 is broken
Date: Wed, 16 Mar 2005 17:28:22 +0000
User-agent: Mutt/1.5.6+20040907i 
On Wed, Mar 16, 2005 at 10:02:35AM +0100, Karel Gardas wrote:
> On Wed, 16 Mar 2005, Andrew Suffield wrote:
> 
> > On Wed, Mar 16, 2005 at 12:26:30PM +0600, Ivan Boldyrev wrote:
> > > > If someone finds a second pre-image attack against md5, then arch
> > > > will be in trouble (but so will just about anything else).
> > >
> > > MD5 is considered insecure for many years.  Arch is already in trouble
> > > because Arch developers do not understand security.
> > >
> > > I am not security expert too, but designing security attack against
> > > Arch took less time than writing this message.
> >
> > This is pure nonsense. Go away and read /Beyond Fear/, and maybe
> > /Secrets & Lies/ as well. And CRYPTO-GRAM too, while you're at
> > it. I've seen journalists with better comprehension of security.
> 
> I don't fully agree with Ivan's notes, but this does not change anything
> about the danger of using MD5, or does it?

There's no real danger to using MD5. It's not like there's anything
else you could be doing that would be any stronger.

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]