[erlang-questions] wow: MD5 broken

Per Hedeland per@REDACTED
Sat Dec 1 13:44:36 CET 2007


"Joe Armstrong" <erlang@REDACTED> wrote:
>
>MD5 is really broken - gulp see
>
>http://www.win.tue.nl/hashclash/SoftIntCodeSign/

"Broken" is too strong a word - for any value produced by any hashing
method, there will obviously be an infinite number of different inputs
that produce the same value - the question is how hard it is to find
them.

Or more precisely, the/a theoretical question (important though it is)
which this work addresses, is "how hard is it to find two different
inputs that result in the same hash value?" - and the answer is "not
anywhere near as hard as we thought".

The practical/security question though, is "given an input and a
resulting hash value, how hard is it to find a different input that
gives the same hash value?" - and the answer remains, as they point out,
"impossible".

So yeah, the results indicate that you should probably try to migrate
away from using md5, since the troublesome answers to the theoretical
question imply that the bar to finding an answer to the practical one is
lower than we thought - but there's nothing "broken" *yet*.

--Per Hedeland
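
The two questions distinguished in the message above, as an added example that is not part of the original post. It assumes MD5 truncated to 16 bits so that both searches finish in about a second; the function names and the sample inputs are constructed for illustration.

```python
import hashlib
from itertools import count

NBYTES = 2  # assumption: keep only 16 bits of the digest so both searches finish


def short_md5(data: bytes) -> bytes:
    """MD5 truncated to NBYTES bytes (a toy hash, used only for this demo)."""
    return hashlib.md5(data).digest()[:NBYTES]


def find_collision(salt: int):
    """Theoretical question: find ANY two different inputs with the same hash."""
    seen = {}
    for tries in count(1):
        msg = f"{salt}-c-{tries}".encode()
        digest = short_md5(msg)
        if digest in seen:
            return seen[digest], msg, tries
        seen[digest] = msg


def find_second_preimage(given: bytes, salt: int):
    """Practical question: the input is fixed; find a different one that matches."""
    want = short_md5(given)
    for tries in count(1):
        msg = f"{salt}-p-{tries}".encode()
        if msg != given and short_md5(msg) == want:
            return msg, tries


def average_work(trials: int = 8):
    """Mean number of hash evaluations per question over constructed runs."""
    coll = sum(find_collision(s)[2] for s in range(trials)) / trials
    pre = sum(find_second_preimage(f"signed-file-{s}".encode(), s)[1]
              for s in range(trials)) / trials
    return coll, pre


if __name__ == "__main__":
    coll, pre = average_work()
    print(f"collision:       ~{coll:.0f} hashes (order 2^{NBYTES * 4})")
    print(f"second preimage: ~{pre:.0f} hashes (order 2^{NBYTES * 8})")
```

For an ideal n-bit hash the generic costs are on the order of 2^(n/2) for a collision and 2^n for a second preimage, which is the gap the truncated run makes visible.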


