[erlang-questions] wow: MD5 broken

Richard Kelsall r.kelsall@REDACTED
Sat Dec 1 16:09:17 CET 2007


David Holz wrote:
> From: per@REDACTED
>> The practical/security question though, is "given an input and a
>> resulting hash value, how hard is it to find a different input that
>> gives the same hash value?" - and the answer remains, as they point out,
>> "impossible".
> 
...
> But I agree, small cracks have been appearing in MD5 and migration to something else should be effected before some clever device is implemented to fully break it.  However, the sky is definitely NOT falling on MD5 because of this discovery.

Migration may need to be completed several years before the 'clever
device' is invented (assuming omniscience relating to it's current
existence) depending on the use of the hash and the persistence
of the data it's protecting.


Richard.



More information about the erlang-questions mailing list