North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: potential hazards of Protect-America act
Disclaimer: I'm sitting in a meeting that is making me grumpy and this is one of my pet-peeves... I keep hearing people making the assertion that MD5 is "broken" -- this is not completely true. Yes, there have been collisions found -- yes, I can easily (and quickly) generate 2 inputs that generate the same output... What is not trivial is for you to generate another input that will generate (eg): 0x56f39544ebca88f261f2087dab3d7e61 or, given 0x56f39544ebca88f261f2087dab3d7e61 to figure out what input I provided. There was a brief flurry of media attention around the time of Vlastimil's tiunneling work saying "MD5 Broken!!!". Many people (not necessarily anyone on the list) just read the sensationalist headlines with no understanding as to what had been accomplished... As with any tool, you need to understand the capabilities and limitations before using it. Once again, this is one of those things that just pushes my buttons, sorry if I went off on a rant... W P.S: Yes thanks, I am feeling better now :-) On Jan 29, 2008, at 7:35 PM, Frank Bulk wrote:
|