1996-07-01 - Re: MD5 breaks, etc.

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: “John Hemming - CEO MarketNet” <johnhemming@mkn.co.uk>
Message Hash: c05ddf40185958734456b12764e050f506cd96e8d01606047cd347f038aacb7b
Message ID: <199607011553.LAA21151@jekyll.piermont.com>
Reply To: <1996-Jul01-150540.1>
UTC Datetime: 1996-07-01 20:39:32 UTC
Raw Date: Tue, 2 Jul 1996 04:39:32 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 2 Jul 1996 04:39:32 +0800
To: "John Hemming - CEO MarketNet" <johnhemming@mkn.co.uk>
Subject: Re: MD5 breaks, etc.
In-Reply-To: <1996-Jul01-150540.1>
Message-ID: <199607011553.LAA21151@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"John Hemming - CEO MarketNet" writes:
> Accepting for a moment that MD5 collisions have been identified.  From
> a commercial aspect I am concerned to ensure the cryptographic security
> of our ECheque system.
[...]
> Just a thought on the use of MD5.  If two signatures are appended to the
> same document both using MD5, but one either
> 
>   a) Signing all but the last octet of the message  ... or
>   b) Signing the whole of the message and signature.
> 
> Would that not make the determination of useable collisions either
> impracticable or impossible?

Wouldn't it be easier to move to SHA-1?

> Alternately, could someone please point me at the SHA algorithm.

I believe SHA-1 (note-- you want the updated version!) is in the
latest edition of Schneier, or at least is referenced there.

BTW, you are going to have to assume if you are doing real world
business that you will be upgrading your algorithms every few years
until the end of your application's lifespan.

Perry





Thread