-----BEGIN PGP SIGNED MESSAGE----- On Sun, 30 Jun 1996, Mike Duvos wrote:
Has MD5 been broken again? Or are you referring to that little collision problem which is unlikely to affect the security of the typical real life application?
The point isn't whether MD5 can be attacked in a "real life" application, but that there is a flaw in MD5. This means that it is weaker than an algorithm like SHA that has no known cryptanalytical attacks against it. Besides, a hashing algorithm with a 128-bit output can be broken as easily as a 64-bit encryption key. MD5 shouldn't be used for that reason alone. - -- Mark =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= markm@voicenet.com | finger -l for PGP key 0xe3bf2169 http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348 "Freedom is the freedom to say that two plus two make four. If that is granted, all else follows." --George Orwell, _1984_ -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQCVAwUBMdblK7Zc+sv5siulAQHlCgP7BHta126r27mc0Xw9UKy4wnXhzu3AbRBM QauVyh5hHvWKMJ7tXZEyDOtzvGCL3KalHCcXE7cfnybhOS6D+w9K/ZTafY0ASwP+ q6VHT1F3r0b616hL0wfp165X/qTVYKb4urWRU0p+hv9mQ0ET0ZoYpHJz66+7YJ5o AcobTzBNQyk= =oyfI -----END PGP SIGNATURE-----