Senator Diane Feinstein Wants to know about the Benefits of P2P
Mike Tancsa
mike at sentex.net
Mon Aug 30 20:39:56 UTC 2004
At 04:12 PM 30/08/2004, Dan Hollis wrote:
>yep md5 made the news recently because it's been cracked:
>
>http://techrepublic.com.com/5100-22-5314533.html
>http://www.rtfm.com/movabletype/archives/2004_08.html#001055
Thats a misleading over simplification. A collision being found implies
something different than "its cracked." A weakness that was theorized
sometime ago has been demonstrated in practice. Finding collisions and
altering files in a useful way to produce a duplicate hash are different
things. There are FAR bigger security concerns than this one right now IMHO.
I recall even seeing posts about people claiming this meant original data
being reconstructed from the checksum! That would be truly amazing since I
could reconstruct a 680MB ISO from just 61d38fad42b4037970338636b5e72e5a. Wow!
---Mike
---Mike
More information about the NANOG
mailing list