Re: Time to replace MD5?
On 070614 at 00:00, Michael Stone wrote:
> On Wed, Jun 13, 2007 at 11:14:15PM +0200, Steffen Schulz wrote:
> >http://www.cits.rub.de/MD5Collisions/
> >One example how to create two files with same hash that act
> >differently. Should work with most active content.
> Cool. So the security team can rig an executable that can be modified
> and still have the same md5.
Point was: md5 collisions are a real-world problem.
> >With the above results, it would be possible to officially distribute
> >nice behaving software but present specific targets with modified
> >packages that do evil.
> Yup. Or the security team could just plant a regular backdoor, [..]
The critical bit was included in the sentence you removed:
What hashes does apt-secure use?
Judging from this documentation, md5 is used for apt-secure, too:
http://people.debian.org/~walters/monk.debian.net/apt-secure/x35.html
So every maintainer could distribute nice binaries and then inject
malicious packets to certain targets.
The overall point of writing my comment:
Don't check all conditions, protocols, use cases.
Just replace md5 some time soon.
> If you don't trust the security team, you probably shouldn't install
> security updates.
Sorry for being unclear,
Steffen
--
Um sich in einer Schafherde wohlzufühlen, muss man vor allem Schaf sein.
Reply to: