nanog mailing list archives

Re: MD5 is insecure

From: Seth David Schoen via NANOG <nanog () lists nanog org>
Date: Sun, 31 Aug 2025 17:47:44 -0700

brent saner via NANOG writes:

Alice creates keypair *KP2*, with public key *K2*. Alice then pads
junk to *K2*'s *n* until she reaches collision in the wire-packed form
with *C,* creating *Blob1*. Let's say Alice had to add 512 bytes to
reach collision with *C*.


To "reach collision in the wire-packed form with C", for a value of C
that Alice was given and didn't choose, with currently known techniques,
Alice has to do 2¹²⁸ work, which she can't do.  It's not good practice
to give Alice this attack vector for no reason, and maybe a future
technique could make it more feasible, but it's still not expected that
she can exploit it at present.
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/ZXKIH7PK7J7ULYTIGTLECZK7L53J63KO/

Current thread:

Re: beware: being old sucks, (continued)
- - - Re: beware: being old sucks nanog--- via NANOG (Aug 31)
    - Re: beware: being old sucks Liudvikas Bukys via NANOG (Aug 31)
    - Re: beware: being old sucks Tom Beecher via NANOG (Aug 31)
    - Re: MD5 is insecure nanog--- via NANOG (Aug 31)
    - Re: MD5 is insecure Dan Mahoney via NANOG (Aug 31)
    - Re: MD5 is insecure Pedro Prado via NANOG (Aug 31)
    - Re: MD5 is insecure Krassimir Tzvetanov via NANOG (Aug 31)
    - Re: MD5 is insecure brent saner via NANOG (Aug 31)
    - Re: MD5 is insecure Tom Beecher via NANOG (Aug 31)
    - Re: MD5 is insecure brent saner via NANOG (Aug 31)
    - Re: MD5 is insecure Seth David Schoen via NANOG (Aug 31)
    - Re: MD5 is insecure nanog--- via NANOG (Aug 31)