1995-10-24 - Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]

Header Data

From: Andy Brown <asb@nexor.co.uk>
To: cypherpunks@toad.com
Message Hash: 68b11f6484aa6bb2f7e38e3073ba5892e775e51b3e5d7734497869a0a318c126
Message ID: <Pine.SOL.3.91.951024162454.14187B-100000@eagle.nexor.co.uk>
Reply To: <9510241442.AA12411@all.net>
UTC Datetime: 1995-10-24 16:32:07 UTC
Raw Date: Tue, 24 Oct 95 09:32:07 PDT

Raw message

From: Andy Brown <asb@nexor.co.uk>
Date: Tue, 24 Oct 95 09:32:07 PDT
To: cypherpunks@toad.com
Subject: Re: MD5 weakness ? [was Re: Netscape Logic Bomb detailed by IETF]
In-Reply-To: <9510241442.AA12411@all.net>
Message-ID: <Pine.SOL.3.91.951024162454.14187B-100000@eagle.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 24 Oct 1995, Dr. Frederick B. Cohen wrote:

> [...]
> In the case of the trust being placed in MD5 by Netscape, the assumption
> being made (without adequate support as far as I can tell) is that an
> MD5 checksum cannot be forced, through a chosen plaintext attack, to
> yield checksums of 1, 2, 3, 5, 7, 9, ...  on up to enough primes to
> allow the known plaintext attack that gets the RSA private key used to
> authenticate messages.  As far as I am aware (and I may not be aware of
> everything) there is no reference work to support this assumption.  If
> the assumption is wrong, then the whole SSL can fall to a selected
> plaintext attack launchable (presumably) through those general purpose
> Java aplets we have heard so much about.

The above paragraph is complete crap.


- Andy, speaking only for himself.





Thread