[erlang-questions] wow: MD5 broken

Michael Regen michael.regen@REDACTED
Sat Dec 1 17:21:41 CET 2007


Well, whether md5 is broken or not depends on the application.

If you need to be sure that the message created by a trustworthy person, who
also securely delivered the hash to you, was not altered by a malicious
person - nothing is broken. Example: You received the md5 hash of a file you
want to download via a secure channel. Now you download the file and compare
it to the md5 hash. If it was altered by someone else you will still detect
that.
Nevertheless it's _widely_ recommended to start migrating to something more
secure like sha256. This has been the case for at least two years, so you
should already be in the process of abandoning md5. Priority probably depends
on how long your solutions need to work and how high your security
requirements are.

But: If you cannot trust the person who created the message and got only an
md5 hash, you cannot be sure that the person afterwards sends you the same
message from which the hash was calculated. Funny example:
http://www.win.tue.nl/hashclash/Nostradamus/

The latter attack on md5 has existed since at least 2004. See
http://web.archive.org/web/20070629090049/http://www.infosec.sdu.edu.cn/paper/md5-attack.pdf.
So there is nothing new here.

Cheers,
Michael
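
The two situations described in the message above differ in what a forger has to achieve, shown here as an added example that is not part of the original post. It uses a toy hash (MD5 truncated to 16 bits, an assumption made so that brute force finishes quickly) and compares the work needed when one party chooses both messages with the work needed to match the digest of a message fixed by someone else; the function names and sample messages are constructed for the illustration.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size (assumption for this demo); real MD5 has 128 bits


def toy_md5(msg: bytes, bits: int = BITS) -> int:
    """Return the top `bits` bits of MD5(msg) as an integer."""
    return int.from_bytes(hashlib.md5(msg).digest(), "big") >> (128 - bits)


def find_collision(prefix: bytes, bits: int = BITS):
    """Untrusted-author case: one party picks BOTH messages.

    Birthday search: roughly 2**(bits/2) hashes are expected.
    Returns (message_a, message_b, hashes_computed).
    """
    seen = {}
    for i in count():
        msg = prefix + str(i).encode()
        digest = toy_md5(msg, bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg


def find_second_preimage(target: bytes, prefix: bytes, bits: int = BITS):
    """Trusted-author case: the message is fixed by someone else.

    The forger must hit that one digest: roughly 2**bits hashes are expected.
    Returns (forged_message, hashes_computed).
    """
    want = toy_md5(target, bits)
    for i in count():
        msg = prefix + str(i).encode()
        if msg != target and toy_md5(msg, bits) == want:
            return msg, i + 1


if __name__ == "__main__":
    # Constructed sample messages.
    a, b, n_coll = find_collision(b"message-")
    forged, n_pre = find_second_preimage(b"file published by a trusted author", b"altered-")
    print(f"collision (author picks both): {n_coll} hashes")
    print(f"second preimage (message fixed): {n_pre} hashes")
    print(f"ideal {BITS}-bit costs: about 2**{BITS // 2} versus 2**{BITS}")
```

The gap grows exponentially with digest length, which is why a weakness that only lets an author prepare two colliding messages leaves the trusted-author download check intact.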