MD5 latest news (not good)

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

http://cryptography.hyperlink.cz/2006/tunnels.pdf

In a nutshell, if this theory holds up to scrutiny (and it looks fairly well done, and reputable), MD5 will be utterly broken.

Now we wait for the crypto community to analyze it.
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

well.. that came a tiny bit faster than I anticipated. If correct, a lot of applications need to bone up their hashes soon. :)
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto

Post by John Cartwright »

Good thing I have been using sha256 since feyd released his snippet :wink:
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

feyd wrote: well.. that came a tiny bit faster than I anticipated. If correct, a lot of applications need to bone up their hashes soon. :)

The extremely bad news is that *if* this concept holds up to scrutiny (and that is NOT a sure thing - this is the first paper on the concept, to my knowledge), then SHA will be vulnerable to it as well - including the SHA-2 family.

It could be a very big break in hashing algos. This could be a very bad thing.

I've contacted Bruce Schneier, asking him to take a look and comment on it if he chooses to on his blog or newsletter. His insight is usually some of the very best in the crypto community, so it will be interesting to see his take on it.
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W

Post by pickle »

Maybe this'll provide the kick in the butt the crypto community needs to come up with better methods of cryptography.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Hmmm that doesn't look good. I'll have to wait for more news on this. Thanks Roja for the link! :)
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Looks like md5 is "hashed".

Does this spell doom for the larger hash algos like mmmm sha256?
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

neophyte wrote: Looks like md5 is "hashed".

Does this spell doom for the larger hash algos like mmmm sha256?

Looking at that paper it technically applies to the whole concept of hashing. It would obviously be less predictable and take longer on higher bit hashes though. I haven't had a chance to read all 11 pages yet since I'm uber-busy but I'll have a read when I get a chance :)
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

pickle wrote: Maybe this'll provide the kick in the butt the crypto community needs to come up with better methods of cryptography.

I personally deeply doubt it.

The crypto community is smart. Very smart. It's not a lack of work/effort/intelligence on their part for not coming up with "better" methods. It is substantially an arms race between brains and processing power - and the brains don't stand a chance.

I suspect that if it turns out to be accurate, it will cause widespread change - but "Better" is subjective.

I want to note that my view is *extremely* abnormal in the Crypto community. Many feel they already have solutions to the problems, or will soon.
irisblaze
Forum Newbie
Posts: 22
Joined: Sun Mar 19, 2006 3:24 am
Location: Palestine

Post by irisblaze »

I agree with Roja, it'll not cause a big change, and this is not new; we were warned a long time ago that md5 will be broken.