On Tue, Jan 29, 2008 at 02:48:44PM +0100, [EMAIL PROTECTED] wrote:
> On Jan 29, 2008, at 1:16 PM, Colin Watson wrote:
> > Do you know what the state of cryptanalytic research is on Whirlpool? My
> > concern is that the MD5/SHA family, for all its faults, has been
> > extremely extensively cr
MD5 is pretty weak these days, and getting worse. I demonstrated an
attack on MD5 recently using the academic research supplied. You can
find my original posting from December at the link below. I also
include the important parts below...
http://seclists.org/fulldisclosure/2007/Dec/0004.html
I
On Jan 28, 2008, at 5:28 PM, Neal McBurnett wrote:
> Cryptographers are nervous about not only MD5, but also all the
> functions in the same class, which includes SHA-1 and SHA-256. The
> latter ones use more bits and thus have more life in them than MD5
This is an oversimplification. The SH
On Jan 29, 2008, at 1:16 PM, Colin Watson wrote:
> Do you know what the state of cryptanalytic research is on Whirlpool? My
> concern is that the MD5/SHA family, for all its faults, has been
> extremely extensively cryptanalysed, and at least we know where we
> stand, while the other families a
On Tue, Jan 29, 2008 at 12:00:56PM +, Colin Watson wrote:
> Signing a message generally actually amounts to taking some hash of it
> and signing that; you don't run expensive algorithms like RSA over the
> whole message. Since the MD5 hashes are useful to expose anyway, I don't
> see any crypto
On Mon, Jan 28, 2008 at 09:28:48AM -0700, Neal McBurnett wrote:
> On Mon, Jan 28, 2008 at 04:44:05PM +0200, Lars Wirzenius wrote:
> > On ti, 2008-01-22 at 19:32 +, Chris Lamb wrote:
> > > However, the MD5 digest algorithm is utterly broken
> >
> > How broken is it? Can one reasonably expect t
On Tue, Jan 29, 2008 at 09:57:55AM +, Matt Zimmerman wrote:
> There are two reasons for checking the hashes:
>
> Authentication - the downloaded image is in fact the official one provided
> by the Ubuntu project, unaltered
>
> Integrity - the downloaded image hasn't been randomly corrupted in
On Mon, Jan 28, 2008 at 10:39:03AM -0700, Neal McBurnett wrote:
> On Mon, Jan 28, 2008 at 05:20:52PM +, Matt Zimmerman wrote:
> > On Mon, Jan 28, 2008 at 09:28:48AM -0700, Neal McBurnett wrote:
> > > > (I'm all in favor of moving to SHA256 or whatever is considered best
> > > > practice these d
[I've been sending, like the original poster, to both lists, and
different responses from different people have gone to each list. But
we should probably choose just one of these lists to use for this
conversation. I'd choose the -devel-discuss list since my postings
to the -devel list have to
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Neal McBurnett wrote:
|
| That ftpmaster key is already on installed systems, right? I would
| think we could preinstall system keyrings and give instructions that
| would be based on that. Do we not ship the <[EMAIL PROTECTED]> key?
GnuPG's loc
On Mon, Jan 28, 2008 at 05:20:52PM +, Matt Zimmerman wrote:
> On Mon, Jan 28, 2008 at 09:28:48AM -0700, Neal McBurnett wrote:
> > > (I'm all in favor of moving to SHA256 or whatever is considered best
> > > practice these days. I've just not heard that MD5 is really as broken as
> > > I think C
On Mon, Jan 28, 2008 at 04:58:00PM +, John Carr wrote:
> > > If the MD5SUMS files are purely for validating downloads[3], could the
> > > completely useless/misleading GPG files be dropped?
> >
> > They are far from useless - they are the only way to validate the hash
> > information based on t
On Mon, Jan 28, 2008 at 09:28:48AM -0700, Neal McBurnett wrote:
> > (I'm all in favor of moving to SHA256 or whatever is considered best
> > practice these days. I've just not heard that MD5 is really as broken as
> > I think Chris suggests here.)
>
> One easy thing to do is to also publish sha256
> > If the MD5SUMS files are purely for validating downloads[3], could the
> > completely useless/misleading GPG files be dropped?
>
> They are far from useless - they are the only way to validate the hash
> information based on trust roots that are (or should be) on your
> system already.
>
> Neal
On Mon, Jan 28, 2008 at 04:44:05PM +0200, Lars Wirzenius wrote:
> On ti, 2008-01-22 at 19:32 +, Chris Lamb wrote:
> > However, the MD5 digest algorithm is utterly broken
>
> How broken is it? Can one reasonably expect that a well-provisioned
> attacker can create an MD5SUMS file that has the