lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8f5ca221050407145216d3824c@mail.gmail.com>
Date: Thu Apr  7 22:53:00 2005
From: kyphros at gmail.com (Mike Owen)
Subject: Re: Case ID 51560370 - Notice of Claimed
	Infringement

On Apr 7, 2005 2:28 PM, Thierry Zoller <Thierry@...ff-em.com> wrote:
<snippage>
> RP> (or do they assume these hashes are 'fingerprints')
> Oh... well an one-way hash (Md5,sha etc) technicaly speaking
> *IS* a fingerprint because it identifies a UNIQUE file. (collisions
> possible but unlikely)
> 
> Please correct me if any of my assumptions above were incorrect.
> 

As reported over the last few months, MD5 is very broken. MD5
collisions are very easy to generate, with some reports of as little
as a few hours needed on reasonable hardware to generate a collision.

Here is a page with links to most of the various papers out, including
the Wang paper that started this all.
http://cryptography.hyperlink.cz/MD5_collisions.html

> --
> Thierry Zoller
> http://www.sniff-em.com
> 

Mike

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ