Re: md5 hashes used in security announcements

To: debian-security@lists.debian.org
Subject: Re: md5 hashes used in security announcements
From: Bas Steendijk <beware@bircd.org>
Date: Fri, 24 Oct 2008 20:56:10 +0200
Message-id: <[🔎] 49021A4A.8040803@bircd.org>
In-reply-to: <[🔎] 874p327yy5.fsf@mid.deneb.enyo.de>
References: <[🔎] 4901CC1A.5040809@bircd.org> <[🔎] 874p327yy5.fsf@mid.deneb.enyo.de>

Florian Weimer wrote:

* Bas Steendijk:

i have sent an email a while ago about the security implications of
using MD5 hashes in the security announcements (DSA), but i didn't get
any reply at all from this. has it been overlooked?


I don't know to which address you sent the address, so I don't know if
it's been overlooked.

My general take on this issue is that for this particular purpose, we
will stop using MD5 when someone comes up with an actual collision for a
hash published in a DSA.  It's not that these hashes are used for
automated processing.  We can't do anything about the old DSAs
containing MD5 hashes anyway.

2 files with a colliding hash can only be made by someone who caninfluence the creation of the file (thus, someone inside debian). he canmake a "good" and a "bad" version of a package with the same MD5, andthe same size. for someone to make a file with the same hash withoutinfluence in the creation of the original file would be a preimage attack.

Reply to:

Follow-Ups:
- Re: md5 hashes used in security announcements
  - From: Raphael Geissert <atomo64+debian@gmail.com>

References:
- md5 hashes used in security announcements
  - From: Bas Steendijk <beware@bircd.org>
- Re: md5 hashes used in security announcements
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: md5 hashes used in security announcements
Next by Date: Re: md5 hashes used in security announcements
Previous by thread: Re: md5 hashes used in security announcements
Next by thread: Re: md5 hashes used in security announcements
Index(es):
- Date
- Thread