Re: dpkg-sig support wanted?
"Steinar H. Gunderson" <email@example.com> writes:
> On Sat, Nov 26, 2005 at 09:13:02AM +1000, Anthony Towns wrote:
>>> Moving away from MD5 is certainly not a bad idea, but it's not clear
>>> whether the alternatives are any better. Sure, everyone recommends
>>> SHA-256 at this stage, but nobody can give a rationale.
>> MD5 is broken; SHA-1 is where MD5 was a couple of years ago, SHA256 (or
>> higher) are significantly harder to break in practice, and there's
>> nothing better yet.
> Just a comment here for those who are not used to hash functions: "Broken"
> here means that you can generate collisions faster than using the birthday
> attack (2^64 for MD5, 2^80 for SHA-1). It does not have to mean that you
> can do _really_ evil stuff, like generate a second file with the same MD5
> hash as a given file (so-called "second preimage", IIRC) and to the best of
> my knowledge, nobody has done so yet.
According to Slashdot articles you can generate human-readable files
(like the Packages file) with an md5sum collision in ~45 minutes on a
modern CPU now.
I think that counts as broken. Luckily for us we also have the size of