[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Re: Case ID 51560370 - Notice of Claimed Infringement
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Re: Case ID 51560370 - Notice of Claimed Infringement
- From: Mike Owen <kyphros@xxxxxxxxx>
- Date: Thu, 7 Apr 2005 14:52:55 -0700
On Apr 7, 2005 2:28 PM, Thierry Zoller <Thierry@xxxxxxxxxxxx> wrote:
<snippage>
> RP> (or do they assume these hashes are 'fingerprints')
> Oh... well an one-way hash (Md5,sha etc) technicaly speaking
> *IS* a fingerprint because it identifies a UNIQUE file. (collisions
> possible but unlikely)
>
> Please correct me if any of my assumptions above were incorrect.
>
As reported over the last few months, MD5 is very broken. MD5
collisions are very easy to generate, with some reports of as little
as a few hours needed on reasonable hardware to generate a collision.
Here is a page with links to most of the various papers out, including
the Wang paper that started this all.
http://cryptography.hyperlink.cz/MD5_collisions.html
> --
> Thierry Zoller
> http://www.sniff-em.com
>
Mike
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/