1995-10-24 - Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

Header Data

From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 448ef7a86855665ed48b2bcf249127fe029a2bcd49f1bbd3d971f8fc3cf4325e
Message ID: <199510241554.LAA27916@opine.cs.umass.edu>
Reply To: <9510241425.AA08815@hplyot.obspm.fr>
UTC Datetime: 1995-10-24 15:54:39 UTC
Raw Date: Tue, 24 Oct 95 08:54:39 PDT

Raw message

From: futplex@pseudonym.com (Futplex)
Date: Tue, 24 Oct 95 08:54:39 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241425.AA08815@hplyot.obspm.fr>
Message-ID: <199510241554.LAA27916@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Dr. Frederick B. Cohen writes:
# MD5 [...] which the members of this list seem to place unlimited trust in 
# (incorrectly in my view, 

Laurent Demailly writes:
> Can you elaborate with facts on the supposed weakness of MD5 ?

Remember the can-you-trust-PGP flamewar we had a few months ago ?

I believe Dr. Cohen's point is that no-one knows, AFAIK, how to prove that a
one-way hash is truly one-way (uninvertible). We cannot prove that MD5 is
secure, ergo we cannot (completely) trust it. [Please correct if this is a
substantially incorrect inference.]

One of the standard responses is "it's the best we can do". When people said
this about PGP, FBC made some (IMHO) interesting comments about the
encryption he uses in various circumstances. Perhaps he would like to share
his personal choices of one-way hash functions with us.

-Futplex <futplex@pseudonym.com>



