[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:

> [...]
> In the case of the trust being placed in MD5 by Netscape, the assumption
> being made (without adequate support as far as I can tell) is that an
> MD5 checksum cannot be forced, through a chosen plaintext attack, to
> yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
> allow the known plaintext attack that gets the RSA private key used to
> authenticate messages.  As far as I am aware (and I may not be aware of
> everything) there is no reference work to support this assumption.  If
> the assumption is wrong, then the whole SSL can fall to a selected
> plaintext attack launchable (presumably) through those general purpose
> Java aplets we have heard so much about.

The above paragraph is complete crap.

- Andy, speaking only for himself.