Re: bin/44160: outdated claim of cryptographic strength in md5(1) man page
The following reply was made to PR bin/44160; it has been noted by GNATS.
Cc: <gnats-admin%netbsd.org@localhost>, <netbsd-bugs%netbsd.org@localhost>,
Subject: Re: bin/44160: outdated claim of cryptographic strength in md5(1)
Date: Mon, 25 Jun 2012 00:50:57 +0000
I think that statement is accurate so far as it goes. But I do not think it should be used.
The trouble is that it could be read to imply that MD5 is still considered an adequate secure hash, and I believe that is not the case. The attacks found against MD5 are more than sufficient to disqualify it from consideration except in cases where it is required for backward compatibility.
If there were no alternatives, it would be worth doing the detailed analysis to see just exactly what subset of hash function applications have not yet been broken for MD5, but there are better alternatives, so the simple and prudent approach is to drop MD5 outright and not use it for anything.
So I think a better statement would be: "MD5 no longer meets some of the primary requirements of a secure hash function. While in principle there still are some applications where it could be used, a prudent approach to security implies that MD5 should be viewed as obsolete and should not be used for new applications."
> From: Julian Fagir <gnrp%komkon2.de@localhost>
> To: gnats%netbsd.org@localhost
> Subject: Re: bin/44160: outdated claim of cryptographic strength in md5(1=
> Date: Sun, 24 Jun 2012 01:03:02 +0200
> What about the following sentence?
> While several messages with the same message digests have been found, it =
> still considered unfeasible to generate a message with a prespecified mes=
> Regards, Julian
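The distinction the thread turns on (collisions for MD5 have been found, while producing a message for a prespecified digest is still considered infeasible) is the gap between the birthday bound of roughly 2^(n/2) work for a collision and roughly 2^n work for a preimage. The following is an added, self-contained example that is not part of the PR or of the NetBSD md5(1) source: it truncates MD5 to a small number of bits (a constructed toy setting, not a weakness of MD5 itself) so that both searches finish in well under a second, and counts how many trials each needs. The function names, the 16-bit truncation width and the seeded random messages are all assumptions of this example.

```python
import hashlib
import random


def truncated_md5(data: bytes, bits: int) -> int:
    """MD5 of `data`, keeping only the leading `bits` bits as an integer.

    Truncation is what makes the toy search tractable; it is not a
    property of MD5 that the man page discussion is about.
    """
    digest = hashlib.md5(data).digest()
    return int.from_bytes(digest, "big") >> (128 - bits)


def _random_message(rng: random.Random) -> bytes:
    # Constructed 8-byte random messages; identical draws are handled
    # explicitly in find_collision so a repeat never counts as a collision.
    return rng.getrandbits(64).to_bytes(8, "big")


def find_collision(bits: int, rng: random.Random):
    """Birthday search: two distinct messages with the same truncated digest.

    Expected work is on the order of 2^(bits/2) hash evaluations.
    Returns (message_a, message_b, attempts).
    """
    seen = {}
    attempts = 0
    while True:
        attempts += 1
        msg = _random_message(rng)
        h = truncated_md5(msg, bits)
        if h in seen and seen[h] != msg:
            return seen[h], msg, attempts
        seen[h] = msg


def find_preimage(target: int, bits: int, rng: random.Random):
    """Brute-force preimage search for a prespecified truncated digest.

    Expected work is on the order of 2^bits hash evaluations, i.e. the
    square of the collision cost for the same output size.
    Returns (message, attempts).
    """
    attempts = 0
    while True:
        attempts += 1
        msg = _random_message(rng)
        if truncated_md5(msg, bits) == target:
            return msg, attempts


def compare_costs(bits: int = 16, seed: int = 1) -> dict:
    """Run both searches at the same truncation width and report trial counts."""
    rng = random.Random(seed)
    a, b, collision_tries = find_collision(bits, rng)
    # Constructed target: the digest of a fixed message, standing in for a
    # "prespecified message digest" as in the quoted sentence.
    target = truncated_md5(b"constructed target message", bits)
    m, preimage_tries = find_preimage(target, bits, rng)
    return {
        "bits": bits,
        "collision_messages": (a, b),
        "collision_tries": collision_tries,
        "preimage_message": m,
        "preimage_tries": preimage_tries,
    }


if __name__ == "__main__":
    result = compare_costs()
    print(f"{result['bits']}-bit truncated MD5:")
    print(f"  collision found after {result['collision_tries']} trials")
    print(f"  preimage  found after {result['preimage_tries']} trials")
```

At 16 bits the collision search typically finishes in a few hundred trials and the preimage search in tens of thousands; doubling the width roughly doubles the collision exponent's effect but squares the preimage cost. That asymmetry is why a hash with known collisions (as MD5 has) can still lack a practical preimage attack, and also why the thread's conclusion is to drop it rather than reason about which applications happen to survive.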