| Author |
Message |
Mine GO BOOM
Hunch Hunch
What What
Age:41
Gender:
Joined: Aug 01 2002
Posts: 3615
Location: Las Vegas
Offline
|
|
| Back to top |
|
 |
Mr Ekted
Movie Geek
Gender:
Joined: Feb 09 2004
Posts: 1379
Offline
|
 Posted: Wed Aug 18, 2004 12:48 pm Post maybe stupid Post subject: |
 |
 |
|
|
Scary stuff.
_________________
4,691 irradiated haggis! |
|
| Back to top |
|
|
CypherJF
I gargle nitroglycerin
Gender:
Joined: Aug 14 2003
Posts: 2582
Location: USA
Offline
|
| Posted: Wed Aug 18, 2004 1:39 pm Post maybe stupid Post subject: |
|
|
|
|
ITS THE END OF THE WORLD! lol jk 
_________________
Performance is often the art of cheating carefully. - James Gosling |
|
| Back to top |
|
|
Cyan~Fire
I'll count you!
Age:37
Gender:
Joined: Jul 14 2003
Posts: 4608
Location: A Dream
Offline
|
| Posted: Wed Aug 18, 2004 4:39 pm Post maybe stupid Post subject: |
|
|
|
|
But didn't we know this all along? It's not like anyone can actually use this to their advantage unless they're really lucky.
_________________
This help is informational only. No representation is made or warranty given as to its content. User assumes all risk of use. Cyan~Fire assumes no responsibility for any loss or delay resulting from such use.
Wise men STILL seek Him. |
|
| Back to top |
|
|
Mine GO BOOM
Hunch Hunch
What What
Age:41
Gender:
Joined: Aug 01 2002
Posts: 3615
Location: Las Vegas
Offline
|
| Posted: Wed Aug 18, 2004 10:25 pm Post maybe stupid Post subject: |
|
|
|
|
The idea was that people knew it was weak, and that collisions were possible, but the chance of someone brute-forcing a matching md5 checksum on data the same length was very slim, and would take many years. They claim that they have a formula in which they can find a matching checksum of almost any data within a hour on a normal machine, not some super-computer.
The fact that it only finds a few bytes off can do harm. Take for example, digital signatures. You run something through the md5sum to create a signature of your object for security reasons, but now there is some method in which some other data, the same length, will have the same checksum.
It is unknown if the formula can be repeated on itself, like creating another same-length dataset for the same checksum. And the fact that they state that SH1 has a theoritical weakness is still scary also.
Just so you know, this is the first example of any data stream with matching MD5. So yes, this is a big deal. |
|
| Back to top |
|
|
Bak
?ls -s
0 in
Age:26
Gender:
Joined: Jun 11 2004
Posts: 1826
Location: USA
Offline
|
| Posted: Wed Aug 18, 2004 11:51 pm Post maybe stupid Post subject: |
|
|
|
|
| So I see the digital signature and accept the email someone signed and sent me. Instead of a message, I get random text, what's the harm again? |
|
| Back to top |
|
|
Donkano.
Guest
Offline
|
| Posted: Wed Aug 18, 2004 11:59 pm Post maybe stupid Post subject: |
|
|
|
|
| What makes me wonder is... What is MD5? |
|
| Back to top |
|
|
CypherJF
I gargle nitroglycerin
Gender:
Joined: Aug 14 2003
Posts: 2582
Location: USA
Offline
|
| Posted: Thu Aug 19, 2004 12:04 am Post maybe stupid Post subject: |
|
|
|
|
MD5 is a method supposively that was unique to any key it is given; to create a finger print for the data that is parsed into it. When 2 inputs creates the same output; it's become a problem.
Make sense now? lol
2 files = same MD5 checksum?(hash?), very bad |
|
| Back to top |
|
|
myke
Seasoned Helper
Gender:
Joined: Sep 11 2003
Posts: 142
Offline
|
| Posted: Thu Aug 19, 2004 12:59 am Post maybe stupid Post subject: |
|
|
|
|
| cypher you forgot it means message digest 5 lol |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Statistics
Register
Profile
Login to check your private messages
Login
webmaster 
