--envbJBWh7q8WU6mo
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Salut,

On Wed, Jul 20, 2005 at 10:04:56AM -0400, Steven M. Bellovin wrote:
> For security purposes, it's more dubious.  But a lot depends on your=20
> threat model.  As I noted the last time you raised the issue of MD5,=20
> the problem we're dealing with today is a collision attack, not a=20
> preimage attack.

Just to make that clear: MD5 has some more problems than just the blindness.
I raised the issue last time because MD5 has some other issues like
a certain symmetry that had been documented earlier.

Just don't rely on it anywhere.

				Tonnerre

--envbJBWh7q8WU6mo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (NetBSD)

iD8DBQFC3qQRXUVlAbfmNMIRAj3pAJ9uLXDTRAYXLPbkm/fyvGG+GLV1DACghLuV
i/IAv1D01ogiqIkeh6lo1UA=
=ASDN
-----END PGP SIGNATURE-----

--envbJBWh7q8WU6mo--