Re: MD5 collisions found - alternative?
On Tue, Aug 24, 2004 at 08:22:54PM +0200, Almut Behrens wrote:
I always thought that the oneway-feature is not particularly relevant
when verifying passwords... In other words, if you can find (within a
reasonable amount of time) any input string that produces the same
given digest, then any password verification system will let you in,
independently of whether you ever get to know the original password...
Right. But since we know basically nothing about how the collision was
generated we don't know if there's a way to find a message that has a
given md5 hash value. IOW, the mechanism to generate the collision may
only work with certain carefully chosen input data. Until more details
are given it's all speculation.