Date: Mon, 03 Dec 2007 20:25:38 -0800 From: Colin Percival <cperciva@freebsd.org> To: Norberto Meijome <freebsd@meijome.net> Cc: freebsd-security@freebsd.org Subject: Re: MD5 Collisions... Message-ID: <4754D6C2.3030005@freebsd.org> In-Reply-To: <20071203154412.461d0faf@meijome.net> References: <20071203154412.461d0faf@meijome.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Norberto Meijome wrote: > should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : > > " > MD5 has not yet (2001-09-03) been broken, but sufficient attacks have > been made that its security is in some doubt. The attacks on MD5 are in > the nature of finding ``collisions'' -- that is, multiple inputs which > hash to the same value; it is still unlikely for an attacker to be able > to determine the exact original input given a hash value. > " I fail to see how the man page is incorrect here. What do you think it should be saying instead? Colin Percival FreeBSD Security Officer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4754D6C2.3030005>