[erlang-questions] wow: MD5 broken
Toby Thain
toby@REDACTED
Sat Dec 1 13:12:47 CET 2007
On 1-Dec-07, at 9:42 AM, Joe Armstrong wrote:
> MD5 is really broken - gulp see
>
> http://www.win.tue.nl/hashclash/SoftIntCodeSign/
>
> You can download two files from this page -- here's the proof
>
> # there are not zero bytes
>
> $ wc HelloWorld-colliding.exe GoodbyeWorld-colliding.exe
> 82 711 41792 HelloWorld-colliding.exe
> 82 709 41792 GoodbyeWorld-colliding.exe
> 164 1420 83584 total
> # the crc32 checksums are different
>
> $ crc32 HelloWorld-colliding.exe GoodbyeWorld-colliding.exe
> 8beb795c HelloWorld-colliding.exe
> 9ede53db GoodbyeWorld-colliding.exe
>
> $ # the mnd5sums are the same
> $ md5sum HelloWorld-colliding.exe GoodbyeWorld-colliding.exe
> 18fcc4334f44fed60718e7dacd82dddf HelloWorld-colliding.exe
> 18fcc4334f44fed60718e7dacd82dddf GoodbyeWorld-colliding.exe
>
> I wonder how many millions of programs have now become insecure?
The paper concludes,
"MD5 should no longer be used as a hash function for software
integrity or code signing purposes."
...but isn't a good workaround just to use more than one hash, e.g.
MD5+SHA1?
--Toby
>
> /Joe Armstrong
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions
More information about the erlang-questions
mailing list