[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

>As to weaknesses, I seem to remember that someone managed to forge a
>modification to a program used to observe networks on a Sun so that it
>had the same MD5 checksum as the official trusted version.  But whether
>this is real is not strictly the issue. 

From memory that particular attack had more to do with altered operating
systems which reported back the correct information than anything to do with
a md5 hole. It is much easier to tell a program to say "abcdef" than it is
to come up with a series of bits that hash to the same md5 result as another
series of bits.

Keep trying Fred... you may get somewhere one day.

[email protected]