1996-07-05 - Re: rsync and md4

Header Data

From: jamesd@echeque.com
To: “David F. Ogren” <ogren@cris.com
Message Hash: e41c4447714ecee91d59670c93426f415fabe31cf0562f833084889d6075da40
Message ID: <199607051844.LAA27223@dns1.noc.best.net>
Reply To: N/A
UTC Datetime: 1996-07-05 22:21:18 UTC
Raw Date: Sat, 6 Jul 1996 06:21:18 +0800

Raw message

From: jamesd@echeque.com
Date: Sat, 6 Jul 1996 06:21:18 +0800
To: "David F. Ogren" <ogren@cris.com
Subject: Re: rsync and md4
Message-ID: <199607051844.LAA27223@dns1.noc.best.net>
MIME-Version: 1.0
Content-Type: text/plain


At 02:05 AM 7/1/96 -0400, David F. Ogren wrote:
> I stand by my statements. 

When you are deep in a hole, it is time to quit digging.


> The problems that you bring up have to do with situations 
> where an active attacker develops a slightly different 
> pair of documents with the same hash.
>
> Although this is highly undesirable characteristic for a 
> hash function, [...]

No kidding.

Current state of the art is that MD4 is broken for signing
documents prepared by other people, and MD5 may be broken 
soon, but MD4 is not broken as proof of authorship.

So if everyone was using MD4 for PGP signing, which they are
not, it would still not be a problem for most people.  But
it would be a problem for authors of software, who should
know that a security bug that sinks only *some* people is still
a security bug.  

Therefore no author of software should
employ MD5 or MD4 in new software, but existing users
of software that employs MD5 and MD4 should not panic.

 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com






Thread