MD5 and SHA cracked/broken...

From: Magnus Lie Hetland (mlh_at_furu.idi.ntnu.no)
Date: 09/11/04


Date: Sat, 11 Sep 2004 16:59:56 +0000 (UTC)

I saw this in an article referenced from Slashdot a while back, and it
occurred to me that it might be relevant here...

Basically, at Crypto 2004 preliminary papers were presented that
pointed out weaknesses in MD5, SHA-0 and SHA-1. As far as I can tell,
MD5 is broken and SHA-1 seems to be in a precarious position (even
though I don't know the details at all).

Perhaps it would be appropriate to add a note, warning or "See also"
to the library documentation for the md5 and sha modules?

Of course, these modules don't give any guarantees, but their
functionality does seem to imply a certain level of security
(especially SHA, whose name even includes the name "secure"). If this
name no longer holds, a "heads up" might be useful.

Does anyone understand enough crypto-speak to figure out how
problematic this all is, and what applications should be avoided?

Also -- are there any alternative one-way functions that are still
considered safe, and that could be useful as Python modules (in place
of, perhaps, md5 and sha)?

-- 
Magnus Lie Hetland       The time you enjoy wasting is not wasted time
http://hetland.org                                  -- Bertrand Russel

