Re: md5 hashes used in security announcements
Florian Weimer wrote:
> * Bas Steendijk:
> > I have sent an email a while ago about the security implications of
> > using MD5 hashes in the security announcements (DSA), but I didn't get
> > any reply at all from this. Has it been overlooked?
>
> I don't know to which address you sent the address, so I don't know if
> it's been overlooked.
>
> My general take on this issue is that for this particular purpose, we
> will stop using MD5 when someone comes up with an actual collision for a
> hash published in a DSA. It's not that these hashes are used for
> automated processing. We can't do anything about the old DSAs
> containing MD5 hashes anyway.

2 files with a colliding hash can only be made by someone who can
influence the creation of the file (thus, someone inside Debian). He can
make a "good" and a "bad" version of a package with the same MD5, and
the same size. For someone to make a file with the same hash without
influence in the creation of the original file would be a preimage attack.
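
The collision versus preimage distinction drawn in this message, as an added example that is not part of the original post: it measures both searches against MD5 truncated to a toy width so they finish quickly. The 16-bit width, the function names and the message strings are assumptions made for illustration.

```python
import hashlib
from itertools import count

BITS = 16  # assumed toy digest width; real MD5 is 128 bits


def toy_hash(data: bytes, bits: int = BITS) -> int:
    """Top `bits` bits of MD5(data), standing in for a full digest."""
    full = int.from_bytes(hashlib.md5(data).digest(), "big")
    return full >> (128 - bits)


def find_collision(bits: int = BITS):
    """Collision: whoever creates the file picks BOTH inputs.

    Birthday search, about 2**(bits/2) tries on average, and by the
    pigeonhole principle never more than 2**bits + 1.
    """
    seen = {}
    for n in count(1):
        msg = b"pkg-variant-%d" % n  # constructed sample input
        h = toy_hash(msg, bits)
        if h in seen:
            return seen[h], msg, n
        seen[h] = msg


def find_second_preimage(original: bytes, bits: int = BITS):
    """Preimage-style search: the original file is fixed by someone else.

    Every candidate must hit one given digest, about 2**bits tries.
    """
    target = toy_hash(original, bits)
    limit = 64 << bits  # generous cap so the loop always terminates
    for n in range(1, limit + 1):
        msg = b"other-file-%d" % n  # constructed sample input
        if toy_hash(msg, bits) == target:
            return msg, n
    return None, limit


if __name__ == "__main__":
    a, b, c_tries = find_collision()
    print("collision after", c_tries, "tries:", a, b)
    other, p_tries = find_second_preimage(b"constructed original package")
    print("matching a fixed digest after", p_tries, "tries:", other)
```

The gap between the two counts grows exponentially with digest width: at the full 128 bits the birthday bound is about 2^64 tries while matching a fixed digest is about 2^128.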