
Re: $10M breaks MD5 in 24 days

On Aug 25,  7:01pm, alex wrote:
> Subject: Re: $10M breaks MD5 in 24 days
> > One of the more interesting papers had a claim (with little detail,
> > unfortunately) that for ten million dollars you could build a machine that
> > would "break" MD5, in the sense of finding another message which would
> > hash to the same as a chosen one, in 24 days.

> This in itself wouldn't give an attacker much of anything would it?  I
> mean, once they discovered a message which hashed to a given value, the
> new message wouldn't be in the proper format, would it?  Wouldn't it just
> be noise, instead of text in English, crypto keys, etc.?

Not necessarily.  If you're forging some packet, certificate or file, it is
often adequate to have just a couple of fields (potentially a few bits)
which contain data you want, and the rest can be garbage.  If your search
engine could fix these and play with the rest of the packet, the chances are
good (but decreasing with the more bits you use for a fixed size packet) that
you will find a packet which will have the correct signature _and_ contain the
forged data you need.  If you can play with the packet size, then your chances
of finding a match increase.
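The point made above, that a collision search can keep the fields an attacker cares about fixed and spend its freedom in the rest of the message, can be demonstrated with a toy. The following added example (not part of this thread, written here for illustration) truncates MD5 to 16 bits so the search finishes in well under a second; the field names, the `toy_digest`, `find_second_preimage` and `success_probability` helpers, and the sample packet are all constructed assumptions. The success formula models the hash as a random function: with k free bits of filler and an n-bit digest the chance of hitting a fixed target is about 1 - exp(-2^(k-n)), which is why the reply notes that chances fall as more of a fixed-size packet is spent on forged data and rise when the packet may grow.

```python
import hashlib
import itertools
import math

HASH_BITS = 16  # toy width; a real 128-bit digest makes this loop infeasible


def toy_digest(data: bytes, bits: int = HASH_BITS) -> int:
    """MD5 truncated to `bits` bits (constructed stand-in for a short hash)."""
    full = int.from_bytes(hashlib.md5(data).digest(), "big")
    return full >> (128 - bits)


def find_second_preimage(target: int, fixed_fields: bytes, free_bytes: int,
                         bits: int = HASH_BITS):
    """Search for a message that starts with exactly `fixed_fields` (the data the
    forger wants kept intact) followed by `free_bytes` bytes of arbitrary filler,
    such that its toy digest equals `target`.
    Returns (message, trials), or (None, trials) when the filler space is exhausted
    without a hit, i.e. when there were too few free bits for the digest width."""
    trials = 0
    for filler in itertools.product(range(256), repeat=free_bytes):
        trials += 1
        candidate = fixed_fields + bytes(filler)
        if toy_digest(candidate, bits) == target:
            return candidate, trials
    return None, trials


def success_probability(free_bits: int, hash_bits: int) -> float:
    """Chance that 2**free_bits distinct fillers include one hitting a fixed
    hash_bits-bit target, for a hash modelled as a random function."""
    return 1.0 - math.exp(-(2.0 ** (free_bits - hash_bits)))


# Constructed sample: a legitimate record and the digest a verifier would check.
ORIGINAL = b"amount=10;payee=alice;memo=thanks"
TARGET = toy_digest(ORIGINAL)
# The forged fields that must survive; everything after them is free filler.
FORGED_FIELDS = b"amount=99;payee=mallory;pad="


def demo(free_bytes: int = 3):
    """Run the toy search; 3 filler bytes give 2**24 candidates for a 16-bit
    target, so a hit is expected after roughly 2**16 trials."""
    message, trials = find_second_preimage(TARGET, FORGED_FIELDS, free_bytes)
    return message, trials


if __name__ == "__main__":
    msg, n = demo()
    print(f"target digest 0x{TARGET:04x}, found after {n} trials: {msg!r}")
    for free, width in [(8, 16), (16, 16), (24, 16), (64, 128)]:
        print(f"{free:>3} free bits vs {width:>3}-bit digest: "
              f"P(success) ~ {success_probability(free, width):.3g}")
```

The last loop prints the defender's side of the argument: the filler trick only helps when the free bits are comparable to the digest width, so the protection of a signed format lies in the digest width (and in leaving no slack space for filler), not in the hope that a colliding message would look like noise.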