Home page logo

bugtraq logo Bugtraq mailing list archives

MD5 To Be Considered Harmful Today
From: Pavel Machek <pavel () ucw cz>
Date: Wed, 8 Dec 2004 02:39:41 +0100


I've been doing some analysis on MD5 collision announced by Wang et al.  
Short version:  Yes, Virginia, there is no such thing as a safe hash 
collision -- at least in a function that's specified to be 
cryptographically secure.  The full details may be acquired at the 
following link:

Yes, nice paper, and here you have nice story:

Okay, lets have two friends and one horse. Let's say Pavel and
Bara. Bara owns a horse, and needs money, so she wants to sell
it. Horse has some problems with its back, and Bara would be willing
to sell it for around $1300. Therefore she's quite surprised when
Pavel offers her $14000, and agrees immediately.

From: Pavel
To: Bara


I'd like to buy Fita. If you accept my offer (msg1), just sign and
send it back.

:~/misc/md5$ cat msg1
I agree to sell you my horse ^Fita^, its saddle and harness for price   14000 dollars. Signed Bara

:~/misc/md5$ md5sum msg1
57ce330a6c6ca8e9ffab4f3b36b2a1a5  msg1

(Bara signs msg1 and sends it back to Pavel). Two days later, Pavel
comes with a car, and $1000. Bara denies she offered Fita for $1000,
but can not find copy of the e-mail exchange. Fortunately Pavel has a
copy with him, digitaly signed by Bara. They view it on her computer,
and verify the signatures. At that point Bara agrees she probably made
a mistake, and accepts $1000...

:~/misc/md5$ cat msg2
I agree to sell you my horse ^Fita^, its saddle and harness for price   1ยด000 dollars. Signed Bara

:~/misc/md5$ md5sum msg2
57ce330a6c6ca8e9ffab4f3b36b2a1a5  msg2

(With apologies to Bara; let's hope she'll never find out).

PS: I tried it on linux console, and it does some nasty terminal
tricks. Of course, if Bara investigated, she'd probably found out

People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!

Attachment: msg1

Attachment: msg2

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]