gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: MD5 is broken

From: Karel Gardas
Subject: Re: [Gnu-arch-users] Re: MD5 is broken
Date: Wed, 16 Mar 2005 19:57:15 +0100 (CET) 
On Wed, 16 Mar 2005, Andrew Suffield wrote:

> On Wed, Mar 16, 2005 at 12:46:28PM +0100, Karel Gardas wrote:
> > Sorry! That's just my short-cut of the whole problem. As I've already
> > written I don't agree fully with Ivan's statements, but this does not
> > change anything on the fact that MD5 is broken.
>
> MD5 is not broken. That's a myth. Stop spreading it.

Perhaps `MD5 is broken' is not the best description of the problem, but
let say `MD5 is not collision free'. Is this better for you? i.e. there is
a possibility to find two values which hash to the same hash without using
brute force attack.

> > Yes, I agree, but combining two hashes from which one is considered broken
> > and one is considered weak these days is IMHO less secure than using one
> > hash which is considered secure.
>
> Your opinion is stupid and wrong, and there are no hashes which are
> 'considered secure' anyway.

'considered secure' means 'considered more secure than X' in this context.
Anyway, thanks for your polite `Your opinion is stupid and wrong'. I've
just thought that as a long time Arch user I can spread some of my fears
with more broader Arch community and I hope such possibility will be
preserved in the future.

Thanks,
Karel
--
Karel Gardas                  address@hidden
ObjectSecurity Ltd.           http://www.objectsecurity.com
reply via email to
[Prev in Thread] Current Thread [Next in Thread]