[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MD5 breaks, etc.




1) On the question of MD4, it has been demonstrated that one can
   generate multiple documents with the same hash -- an example was
   given in a paper a while back of two contracts, identical but for
   the dollar sum agreed two, with identical MD4 hashes. That
   demonstrates that MD4 is useless.

2) Hans Dobbertin on May 2nd released a short paper that circulated
   widely on the net describing collisions in the MD5 compression
   function. Several people have asked me for references on this. I
   cannot give you anything -- all I have is postscript of the
   document, which had not been published in any journal when I last
   checked. However, the result is widely known. MD5 is *not*
   something that should be trusted going forward, and I hope the next
   version of PGP uses SHA-1.

Perry