[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]




Futplex writes:
> I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
> one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
> secure, ergo we cannot (completely) trust it. [Please correct if this is a
> substantially incorrect inference.]

There are hashes that can, in fact, be proven to have the properties
we assign to cryptographic hashes given certain modest assumptions
about some number theory problems and their complexity. True "proof"
is likely impossible.

Perry