[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

To: [email protected]
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
From: Andy Brown <[email protected]>
Date: Tue, 24 Oct 1995 16:30:53 +0000 (GMT)
In-Reply-To: <[email protected]>
Sender: [email protected]

On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:

> [...]
> In the case of the trust being placed in MD5 by Netscape, the assumption
> being made (without adequate support as far as I can tell) is that an
> MD5 checksum cannot be forced, through a chosen plaintext attack, to
> yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
> allow the known plaintext attack that gets the RSA private key used to
> authenticate messages.  As far as I am aware (and I may not be aware of
> everything) there is no reference work to support this assumption.  If
> the assumption is wrong, then the whole SSL can fall to a selected
> plaintext attack launchable (presumably) through those general purpose
> Java aplets we have heard so much about.

The above paragraph is complete crap.


- Andy, speaking only for himself.

References:
- Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
  - From: [email protected] (Dr. Frederick B. Cohen)

Prev by Date: Re: Netscape Logic Bomb detailed by IETF
Next by Date: Re: Reformated: How secure....
Prev by thread: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
Next by thread: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
Index(es):
- Date
- Thread