[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

Dr. Frederick B. Cohen writes:
# MD5 [...] which the members of this list seem to place unlimited trust in 
# (incorrectly in my view, 

Laurent Demailly writes:
> Can you elaborate with facts on the supposed weakness of MD5 ?

Remember the can-you-trust-PGP flamewar we had a few months ago ?

I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
secure, ergo we cannot (completely) trust it. [Please correct if this is a
substantially incorrect inference.]

One of the standard responses is "it's the best we can do". When people said
this about PGP, FBC made some (IMHO) interesting comments about the
encryption he uses in various circumstances. Perhaps he would like to share
his personal choices of one-way hash functions with us.

-Futplex <[email protected]>