On Tue, Dec 26, 2000 at 10:52:47PM +0100, Christian Kurz wrote: > On 00-12-26 Peter Cordes wrote: > > have produced collisions in MD5. This is a Bad Thing for MD5, but it isn't > > a real break against MD5. It means that you can find two messages that hash > > to the same value. To do so, you _have_ to choose both messages yourself. > > If one of the messages is /bin/su, you are almost certainly out of luck. > > Nobody has figured out how to make another message that collides with a > > given message. It only works if they create _both_ messages. > > Cool, would you then please explain why Bruce Schneier writes about MD5: > "I am wary of using MD5" in his book "Applied Cryptograhy" and the end > of the section about MD5? > > Ciao > Christian >
For some applications the collision-resistance property is critical. Simply computing and storing one-way hashes IS NOT an application which depends on this property. > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- dg
