Aug 20 2004
Weakness in MD5 and SHA
A colleague made a vague reference to big news in cryptography yesterday, which confused me a little because I didn’t know what he was talking about. Well, now I do. On one hand this news worries me some, because of the usefulness of checksums for verification. On the other hand, given the power of today’s computers and the rate at which the power is increasing, it’s only a matter of time before the average desktop will be able to do a brute-force attack against these algorithms anyway. Does this mean it’s time to come up with a replacement for MD5?
2 Responses to “Weakness in MD5 and SHA”
Don’t you just love those comment spammers? :\
Anyway, found this on the web:
“More on collisions
From: Geoffrey Leeming <geoffrey@jcp.co.uk>
Subject: Re: MD5 weakness and possible consequences (Re: RISKS-19.14)
Thomas Koenig is correct about the weakness in MD5, but recent postings in sci.crypt mention that he might be incorrect in the possible consequences. The weakness essentially allows an attacker to create two files that would have the same MD5 checksum, under very stringent conditions. However, the chances of finding two executable, meaningful pieces of code that would have the same checksum are so low that it can be considered computationally infeasible to do so.
A more plausible consequence is that two cryptographic keys are created that have the same MD5 checksum. Then any digital certificate for one key would be valid for the second as well.”
I guess that explains it all well
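The quoted RISKS post describes the consequence that matters for certificates: if a certificate commits to a key only through the key's digest, then any second key with the same digest inherits the certificate. The following Python model is an added example, not code from the blog or from the quoted post. It uses a deliberately broken stand-in digest (MD5 truncated to 16 bits, so a collision can be found by a birthday search in a few hundred tries) to show the failure, and full SHA-256 over the same binding to show that a collision-resistant digest closes it. The CA "signature" is an HMAC under a constructed secret, standing in for a real RSA/ECDSA signature; all key material and names are constructed.

```python
import hashlib
import hmac

# Constructed stand-in for the CA's private key; a real CA would sign with RSA or ECDSA.
CA_SECRET = b"constructed-toy-ca-secret"


def weak_key_digest(key: bytes) -> bytes:
    """Deliberately broken digest: MD5 truncated to 16 bits so a collision is cheap.
    This models 'a hash for which collisions can be produced', not MD5 itself."""
    return hashlib.md5(key).digest()[:2]


def strong_key_digest(key: bytes) -> bytes:
    """Full SHA-256 digest of the key (the mitigation)."""
    return hashlib.sha256(key).digest()


def issue_cert(name: bytes, key: bytes, digest_fn) -> dict:
    """The CA signs the binding (name, digest(key)). The key bytes themselves are not in
    the signed data, which is exactly what makes a digest collision transferable."""
    fingerprint = digest_fn(key)
    signed_data = name + b"\x00" + fingerprint
    signature = hmac.new(CA_SECRET, signed_data, hashlib.sha256).digest()
    return {"name": name, "fingerprint": fingerprint, "signature": signature}


def verify_cert(cert: dict, presented_key: bytes, digest_fn) -> bool:
    """Relying party: recompute the digest of the presented key, then check the CA signature.
    Both comparisons are constant-time to avoid leaking via timing."""
    if not hmac.compare_digest(digest_fn(presented_key), cert["fingerprint"]):
        return False
    signed_data = cert["name"] + b"\x00" + cert["fingerprint"]
    expected = hmac.new(CA_SECRET, signed_data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert["signature"])


def find_colliding_keys(digest_fn, limit: int = 200_000):
    """Birthday search over constructed candidate keys until two share a digest.
    For a 16-bit digest this succeeds after a few hundred candidates on average."""
    seen = {}
    for i in range(limit):
        candidate = b"constructed-key-%d" % i
        d = digest_fn(candidate)
        if d in seen:
            return seen[d], candidate
        seen[d] = candidate
    raise RuntimeError("no collision found within limit")


def demo() -> dict:
    """Issue one certificate for key_a under each digest and see which keys it accepts."""
    key_a, key_b = find_colliding_keys(weak_key_digest)
    weak_cert = issue_cert(b"alice", key_a, weak_key_digest)
    strong_cert = issue_cert(b"alice", key_a, strong_key_digest)
    return {
        "keys_differ": key_a != key_b,
        "weak_accepts_real_key": verify_cert(weak_cert, key_a, weak_key_digest),
        # The certificate issued for key_a is accepted for key_b: the collision transfers it.
        "weak_accepts_colliding_key": verify_cert(weak_cert, key_b, weak_key_digest),
        "strong_accepts_real_key": verify_cert(strong_cert, key_a, strong_key_digest),
        "strong_rejects_colliding_key": not verify_cert(strong_cert, key_b, strong_key_digest),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The defender's takeaway is the one the post hints at: the strength of the binding is the collision resistance of the digest in the signed data, so migrating signatures and fingerprints to SHA-256 (and refusing to accept MD5-based ones) is the fix, not a replacement for the signature algorithm.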