MD5 Hash Collisions

Post by **saturn** » Thu Jun 16, 2005 9:33 am

Uhmmm....apparently they can generate the same MD5 Hash for different documents. This is a potential weakness for digital signatures.

http://www.cits.rub.de/MD5Collisions/

Maybe this is interesting for cryptographers/hackers :icon32:

Post by **saturn** » Thu Jun 16, 2005 9:40 am

Took me a while before I even realised what an MD5 Hash was.

Real nerd stuff

Post by **seremtan** » Thu Jun 16, 2005 9:43 am

the password database of this bb is md5 hashed - isn't it?

Post by **saturn** » Thu Jun 16, 2005 10:01 am

that's quite possible

Post by **MKJ** » Thu Jun 16, 2005 10:01 am

seremtan wrote:the password database of this bb is md5 hashed - isn't it?

way ahead of you

Post by **Denz** » Thu Jun 16, 2005 10:06 am

Say it ain't so!!

Post by **glossy** » Thu Jun 16, 2005 10:45 am

seremtan wrote:the password database of this bb is md5 hashed - isn't it?

yeah, it is.

the chances of md5 collisions on short strings like passwords and the like are too small to worry about, imo, and if you're calculating much larger documents, a stronger solution (with more detailed/longer output) should be used.

Post by **^misantropia^** » Thu Jun 16, 2005 11:19 am

saturn wrote:Uhmmm....apparently they can generate the same MD5 Hash for different documents. This is a potential weakness for digital signatures.

http://www.cits.rub.de/MD5Collisions/

Maybe this is interesting for cryptographers/hackers :icon32:

It only works in special cases... for now. But since they've found a special case it probably won't be long before someone finds a way to apply it in general. There's an interesting Slashdot article here.

Post by **saturn** » Thu Jun 16, 2005 12:14 pm

I tried to read the comments, but it's all going over my head.

Post by **seremtan** » Thu Jun 16, 2005 12:32 pm

glossy wrote:
seremtan wrote:the password database of this bb is md5 hashed - isn't it?
yeah, it is.

the chances of md5 collisions on short strings like passwords and the like are too small to worry about, imo, and if you're calculating much larger documents, a stronger solution (with more detailed/longer output) should be used.

Hm, but I guess there will always be the possibility of collisions in the output of non-reversible algorithms so it was inevitable. I guess if the hex code is long enough it'll have more combinations than there are atoms in the universe or someshit, and problem solved.

Post by **^misantropia^** » Thu Jun 16, 2005 4:09 pm

seremtan wrote:Hm, but I guess there will always be the possibility of collisions in the output of non-reversible algorithms so it was inevitable.

Correct. Moreover, since you lose information when hashing, collisions aren't a possibilty, they are inevitable. The trick is getting two pieces of data to hash to the same value. Which is now feasible (since August 2004 already, actually).

seremtan wrote:I guess if the hex code is long enough it'll have more combinations than there are atoms in the universe or someshit, and problem solved.

Incorrect. Enlarging the hash is pointless if the underlying algorithm is weak.

Post by **GONNAFISTYA** » Thu Jun 16, 2005 6:17 pm

Fuckin nerds.

Post by **Foo** » Thu Jun 16, 2005 7:52 pm

seremtan wrote:the password database of this bb is md5 hashed - isn't it?

If someone generates a hash collision for your password on this site, all they get is access to your account here.

Generating a collision does not give you the original password. Indeed, the original password isn't stored ANYWHERE on the site, only the MD5 exists now.

MD5 Hash Collisions

MD5 Hash Collisions

Re: MD5 Hash Collisions