On Wed, 16 Feb 2005, Dominique Devienne <[EMAIL PROTECTED]> wrote: > You mean that the MD5 and SHA-1 digests computed by the JDK-provided > libraries didn't generate the canonical values of these digests?
No, broken as in "sucessfully attacked". It is possible to create a file that matches the checksum you've created, but is different from the original without using a brute-force algorithm. The way to attack MD5 turns out to be rather easy while the way to do it for SHA-1 still involves using a lot of CPU cycles. Stefan --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
