Full Disclosure: Re: MD5 algorithm considered toxic (and harmful)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: MD5 algorithm considered toxic (and harmful)

From: coderman <coderman () gmail com>
Date: Sat, 1 Dec 2007 15:09:32 -0800

On Dec 1, 2007 5:06 AM, Kristian Erik Hermansen
<kristian.hermansen () gmail com> wrote:

[MD5 is dead like WEP]


yup.

And since Chinese researchers have been
attacking SHA-1 lately, should SHA-256 be considered the proper
replacement?


SHA2 is good.  (so 256 or 512).  the design differs from SHA1 and
avoids the weaknesses being exploited against this hash func.

still, ~2^69 collision resistance for SHA1 is a world of security
better than MD5.  iMD5 is really dead, lingering only to feast on the
brains of the unawares...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: MD5 algorithm considered toxic (and harmful), (continued)
- Re: MD5 algorithm considered toxic (and harmful) Steven Adair (Dec 01)
  - Re: MD5 algorithm considered toxic (and harmful) James Matthews (Dec 01)
    - Re: MD5 algorithm considered toxic (and harmful) Enno Rey (Dec 01)
    - Re: MD5 algorithm considered toxic (and harmful) Tim (Dec 01)
    - Re: MD5 algorithm considered toxic (and harmful) Paul Schmehl (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) coderman (Dec 01)
- Re: MD5 algorithm considered toxic (and harmful) Valdis . Kletnieks (Dec 01)
  - Re: MD5 algorithm considered toxic (and harmful) Kristian Erik Hermansen (Dec 01)