Re: MD5 collisions found - alternative?
Robert Trebula wrote:
Maybe you have already noticed - collisions have been found in the MD5
hashing algorithm:
http://eprint.iacr.org/2004/199.pdf
http://www.freedom-to-tinker.com/archives/000664.html
http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
My question is: Is there an easy way to make my Debian sid
installation use something else (better) than MD5 for various things?
Namely SHA-1 with some longer output in PAM.
I think cryptanalysts have 'cracked' pretty much all of them, though
with practically prohibitive costs of cracking them (e.g., 2^50 for SHA-0).
http://www.mail-archive.com/cryptography@metzdowd.com/msg02554.html
http://www.freedom-to-tinker.com/archives/000661.html
However, a 2^50 chance, as opposed to the ideal 2^160, still strikes me
as pretty good chances. Maybe I'm just not paranoid enough to be a
cryptographer ;-).
My personal thought is that you could make the hash more secure simply
by running md5 and SHA1 (maybe pepper on another one for good luck)
across a single stream at the same time, and simply xor the resultant
hashes together. You could pretty much add up the "cost" of the attacks
against the keys.
An exploration of this approach has just been uploaded to CPAN as
Digest::SV1. It's at:
http://search.cpan.org/dist/Digest-SV1
Sam.
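As an added illustration (not the Digest::SV1 code and not part of the original thread), a Python sketch of the construction Sam describes: one stream is fed to MD5 and SHA-1 in lockstep and the digests are XORed, with plain concatenation alongside for comparison. Left-aligned XOR with zero-padding of the shorter digest is an assumption, since the post does not specify alignment.

```python
import hashlib
from typing import Iterable, Sequence


class LockstepCombiner:
    """Hypothetical combiner: runs several digests over one stream in lockstep.

    Each chunk handed to update() goes to every underlying hash, so the
    digests always cover exactly the same bytes.
    """

    def __init__(self, algorithms: Sequence[str] = ("md5", "sha1")):
        self._hashes = [hashlib.new(name) for name in algorithms]

    def update(self, chunk: bytes) -> None:
        for h in self._hashes:
            h.update(chunk)

    def xor_digest(self) -> bytes:
        # Assumption: XOR is left-aligned and the shorter digest is zero-padded
        # on the right, so the output is as long as the longest digest
        # (20 bytes for MD5 with SHA-1).
        digests = [h.digest() for h in self._hashes]
        out = bytearray(max(len(d) for d in digests))
        for d in digests:
            for i, byte in enumerate(d):
                out[i] ^= byte
        return bytes(out)

    def concat_digest(self) -> bytes:
        # Conventional alternative: simply concatenate the digests (36 bytes).
        return b"".join(h.digest() for h in self._hashes)


def combined_hexdigests(chunks: Iterable[bytes]) -> dict:
    """Stream constructed chunks through both hashes; return both combinations."""
    combiner = LockstepCombiner()
    for chunk in chunks:
        combiner.update(chunk)
    return {
        "xor": combiner.xor_digest().hex(),
        "concat": combiner.concat_digest().hex(),
    }


if __name__ == "__main__":
    # Constructed sample input; chunking must not change the result.
    print(combined_hexdigests([b"ab", b"c"]))
```

Combining does not add up the attack costs as the post hopes: Joux's 2004 multicollision result shows that a concatenation of two iterated hashes is only about as collision-resistant as its stronger member, and the XOR variant additionally shortens the output to 160 bits.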