NYCPHP Meetup

[Hans Zaunere]

I suppose it was only a matter of time.

Of course this *could* (although unlikely) have an effect on various
session handling mechanisms, since they are typically MD5 hashes.

An interesting project would be to see if two UNIX timestamps exist that
produce the same MD5.

H


> > Looks like a MD5 collision HAS been found:
> > http://www.freedom-to-tinker.com/archives/000664.html
> 
> In case anyone is still wondering whether the collision in MD5 is
> real, here are the two files.
> 
> $ cmp md5-1.bin md5-2.bin
> md5-1.bin md5-2.bin differ: char 20, line 1
> $ md5 md5-1.bin md5-2.bin
> MD5 (md5-1.bin) = a4c0d35c95a63a805915367dcfe6b751
> MD5 (md5-2.bin) = a4c0d35c95a63a805915367dcfe6b751
> 
> Note that as of now, there are no attacks that demonstrate that MD5 is
> not preimage-resistant or 2nd-preimage-resistant.  Perhaps more
> importantly, it is also not clear (to me, at least), whether the
> collisions that can be produced in MD5 are selective (i.e., the
> attacker has some control over the colliding messages) or existential.
> 
> Collision resistance was a design goal for MD5.  It does appear that
> there exists a method for finding collisions in significantly less
> than 2^64 operations.  Thus, MD5 should not be used in any new
> cryptographic systems that require collision resistance, preimage
> resistance, or 2nd preimage resistance.  Existing systems should be
> evaluated individually.  Some might require emergency patching.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: md5.tar.gz
Type: application/x-gzip
Size: 341 bytes
Desc: md5.tar.gz
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20040822/228c38ee/attachment.gz>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT49750.txt
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20040822/228c38ee/attachment.txt>