[Dshield] Digital sigs cracked

John B. Holmblad jholmblad at aol.com
Thu Jun 16 19:24:39 GMT 2005


All,

I don't believe that the designers of the MD5 cryptographic hash function 
ever asserted that said function would NEVER produce a duplicate, only 
that the probability of such duplicates is so small that it is not worth 
it for an attacker to try to find and exploit them. Having said that, I 
myself have not reviewed any mathematical proof of their work. It does 
make common sense to me that if you take arbitrarily large bit strings and 
reduce them to a fixed small size, there is always the infinitesimal, at 
least, possibility of a collision. Here are R. Rivest's own remarks on the 
issue:

        "It is conjectured that the difficulty of coming up with two
        messages having the same message digest is on the order of 2^64
        operations, and that the difficulty of coming up with any
        message having a given message digest is on the order of 2^128
        operations. The MD5 algorithm has been carefully scrutinized for
        weaknesses. It is, however, a relatively new algorithm and
        further security analysis is of course justified, as is the case
        with any new proposal of this sort. The level of security
        provided by MD5 should be sufficient for implementing very high
        security hybrid digital signature schemes based on MD5 and the
        RSA public-key cryptosystem."

-- 
Best Regards,

John Holmblad

Televerage International
GSEC,GCWN,GGSC-0100,NSA-IAM

(H) 703 620 0672
(M) 703 407 2278
(F) 703 620 5388

primary email address:     jholmblad at aol.com
backup email address:      jholmblad at verizon.net
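The two work factors in the quoted passage, about 2^64 hash operations to find any colliding pair and about 2^128 to find a message for one given digest, are the generic birthday and brute-force bounds for a 128-bit digest, and they apply to any hash function of that output size regardless of its internal design. The following Python script is an added illustration and is not part of the post or of any MD5 specification: it runs both searches against an MD5 digest truncated to a small number of bits, where the same bounds shrink to roughly sqrt(pi/2 * 2^bits) and 2^bits hashes and the searches finish in seconds. All function names and the sample messages are constructed for this demo.

```python
"""Added example (not from the list post): the generic collision and
preimage bounds, run on a truncated MD5 so both searches finish quickly.
For a `bits`-bit digest a birthday search needs about sqrt(pi/2 * 2^bits)
hashes; a brute-force preimage search needs about 2^bits. At 128 bits those
are the ~2^64 and 2^128 figures quoted from Rivest.  All messages here are
constructed for the demo."""
import hashlib
import math


def truncated_md5(data: bytes, bits: int) -> int:
    """MD5 of `data`, keeping only the leading `bits` bits (1 <= bits <= 128)."""
    digest = hashlib.md5(data).digest()
    return int.from_bytes(digest, "big") >> (128 - bits)


def expected_collision_tries(bits: int) -> float:
    """Birthday bound: hashes needed, on average, before two outputs coincide."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def expected_preimage_tries(bits: int) -> int:
    """Brute-force bound: hashes needed, on average, to hit one fixed digest."""
    return 2 ** bits


def find_collision(bits: int, prefix: bytes = b"msg-") -> tuple[bytes, bytes, int]:
    """Birthday search: hash distinct messages until two share a truncated digest.
    Returns (first_message, second_message, hashes_computed)."""
    seen: dict[int, bytes] = {}
    counter = 0
    while True:
        msg = prefix + counter.to_bytes(8, "big")   # constructed, distinct messages
        h = truncated_md5(msg, bits)
        counter += 1
        if h in seen:
            return seen[h], msg, counter
        seen[h] = msg


def find_preimage(target: int, bits: int, prefix: bytes = b"guess-") -> tuple[bytes, int]:
    """Brute-force search for any message whose truncated digest equals `target`.
    Returns (message, hashes_computed)."""
    counter = 0
    while True:
        msg = prefix + counter.to_bytes(8, "big")
        counter += 1
        if truncated_md5(msg, bits) == target:
            return msg, counter


if __name__ == "__main__":
    bits = 16  # small enough that the 2^bits preimage search runs in seconds
    a, b, n_coll = find_collision(bits)
    target = truncated_md5(b"constructed target document", bits)
    m, n_pre = find_preimage(target, bits)
    print(f"{bits}-bit collision after {n_coll} hashes "
          f"(expected ~{expected_collision_tries(bits):.0f}): {a!r} vs {b!r}")
    print(f"{bits}-bit preimage after {n_pre} hashes "
          f"(expected ~{expected_preimage_tries(bits)}): {m!r}")
    print(f"128-bit bounds: collision ~2^{math.log2(expected_collision_tries(128)):.1f}, "
          f"preimage 2^{math.log2(expected_preimage_tries(128)):.0f}")
```

Running it shows the gap the quote describes: at 16 bits a colliding pair turns up after a few hundred hashes while a preimage takes tens of thousands, and the ratio only widens with the digest size. These generic figures are a ceiling, not a guarantee; a cryptanalytic shortcut that finds collisions in far fewer operations than the birthday bound is exactly what would make the "digital sigs cracked" headline meaningful for signature schemes built on the hash.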