[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH2 Encryption


peter@llama.nslug.ns.ca (2002-06-13 at 0330.28 -0300):
> 
>  Yes.  MD5 has had some very minor breaks.  It is easier to find
> hash collisions than it should be.  This means that it is possible to find
> two messages that hash to the same value.  You need to choose _both_
> messages, so this doesn't help you e.g. make trojan binaries that have the
> same MD5 hash as the originals.
>

MD5 generates a hash of 128 bits so the probability of finding a
collision is 1/(2^128). So it seems that it is not so easy to find such
a collision.

Of course SHA is more secure, it generates a hash of 160 bits so the
probability of finding a collision is lower than MD5.


-- 
Sergio Rodríguez de Guzmán Martínez| Hombre anciano, juicio sano. 
sguzman@inicia.es                  | 
-=Debian GNU/Linux Sid=-   -o)     | 
Kernel 2.4.17               /\     | 
on a i686                  _\_v    | 
PGP Key www.nova1one.com/satai.asc | 


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: