[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian audititing tool?

On 00-12-26 Peter Cordes wrote:
> have produced collisions in MD5.  This is a Bad Thing for MD5, but it isn't
> a real break against MD5.  It means that you can find two messages that hash
> to the same value.  To do so, you _have_ to choose both messages yourself.
> If one of the messages is /bin/su, you are almost certainly out of luck.
> Nobody has figured out how to make another message that collides with a
> given message.  It only works if they create _both_ messages.

Cool, would you then please explain why Bruce Schneier writes about MD5:
"I am wary of using MD5" in his book "Applied Cryptograhy" and the end
of the section about MD5?


Reply to: