(OT) MD5 collisions (was Re: How to edit PDF?)

N Chosechu chosechu at gmail.com
Mon Nov 28 15:09:05 UTC 2005


On 11/28/05, hometoast <hometoast at gmail.com> wrote:
>
> Which is a good reason to use both md5 and sha1. The two together will be
> more than sufficient as the chances of both colliding are nil.
>

Unfortunately this does not seem to be the case. There is a famous paper
by Joux about Multicollision, describing how to attack several
hashes simultaneously if you know how to break them separately.
You may want to have a look at the following discussion on Slashdot:

MD5 Collision Source Code Released
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&tid=172&tid=93&tid=228

Some participants pointed out the following paper about SHA-1
vulnerabilities:

Researchers find security flaw in SHA-1 algorithm
http://www.computerworld.com/securitytopics/security/story/0,10801,99852,00.html


> IMHO the md5 collisions are not really going to have an impact in everyday
> use; (offtopic) imagine the case where md5 is not "valid" AND source
> includes some sort of payload.
>

MD5 offers lots of interesting features as a hash function (e.g. for
checksums), it is easily implemented and available on most platforms, so
will survive for a number of non-cryptographic applications.
But as mentioned before, MD5 is dead for cryptographic signatures. This
means that package signing or document fingerprinting should not be based
on MD5 any more.

--
Chosechu
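
Added example (not part of the original message): Joux's multicollision argument, referred to in the reply above, run on two toy 16-bit iterated hashes to show why concatenating two hashes adds little collision resistance over the stronger of the two. The functions `compress`, `toy_hash`, `block_collision`, `joux_pairs` and `concat_collision` and the truncated-SHA-256 compression functions are assumptions made for the illustration; all messages have the same length, so length padding is omitted.

```python
import hashlib
from itertools import product

N_BYTES = 2  # toy 16-bit chaining state (constructed; real hashes use 128+ bits)

def compress(label: bytes, state: bytes, block: bytes) -> bytes:
    """Toy compression function: truncated SHA-256, domain-separated by label."""
    return hashlib.sha256(label + state + block).digest()[:N_BYTES]

def toy_hash(label: bytes, blocks) -> bytes:
    """Iterated (Merkle-Damgard style) hash over a sequence of blocks."""
    state = bytes(N_BYTES)
    for b in blocks:
        state = compress(label, state, b)
    return state

def block_collision(label: bytes, state: bytes):
    """Birthday search: two distinct blocks taking `state` to the same next state."""
    seen, i = {}, 0
    while True:  # terminates by pigeonhole after at most 2**16 + 1 blocks
        block = i.to_bytes(4, "big")
        out = compress(label, state, block)
        if out in seen:
            return seen[out], block, out
        seen[out] = block
        i += 1

def joux_pairs(label: bytes, k: int):
    """k chained block collisions: any choice per position gives the same hash (2**k messages)."""
    state, pairs = bytes(N_BYTES), []
    for _ in range(k):
        a, b, state = block_collision(label, state)
        pairs.append((a, b))
    return pairs

def concat_collision(k: int = 11):
    """Find m1 != m2 that collide under F and G at once, i.e. under F(m) || G(m)."""
    pairs = joux_pairs(b"F", k)           # about k * 2**8 work, not 2**16
    seen = {}
    for choice in product(*pairs):        # every choice has the same F hash
        g = toy_hash(b"G", choice)        # birthday search over G only
        if g in seen:
            return list(seen[g]), list(choice)
        seen[g] = choice
    return None

if __name__ == "__main__":
    print(concat_collision())
```

The 32-bit concatenation F(m) || G(m) falls after a few thousand compression calls, where a generic birthday search on an ideal 32-bit hash would need about 2**16.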
More information about the ubuntu-users mailing list