
MD5 Hash Collisions

Posted: Thu Jun 16, 2005 9:33 am
by saturn
Uhmmm....apparently they can generate the same MD5 Hash for different documents. This is a potential weakness for digital signatures.

http://www.cits.rub.de/MD5Collisions/

Maybe this is interesting for cryptographers/hackers :icon32:

Posted: Thu Jun 16, 2005 9:40 am
by saturn
Took me a while before I even realised what an MD5 Hash was.

Real nerd stuff

Posted: Thu Jun 16, 2005 9:43 am
by seremtan
the password database of this bb is md5 hashed - isn't it?

Posted: Thu Jun 16, 2005 10:01 am
by saturn
that's quite possible :paranoid:

Posted: Thu Jun 16, 2005 10:01 am
by MKJ
seremtan wrote:the password database of this bb is md5 hashed - isn't it?
way ahead of you :paranoid:

Posted: Thu Jun 16, 2005 10:06 am
by Denz
Say it ain't so!! :paranoid:

Posted: Thu Jun 16, 2005 10:45 am
by glossy
seremtan wrote:the password database of this bb is md5 hashed - isn't it?
yeah, it is.

the chances of md5 collisions on short strings like passwords and the like are too small to worry about, imo, and if you're calculating much larger documents, a stronger solution (with more detailed/longer output) should be used.

Re: MD5 Hash Collisions

Posted: Thu Jun 16, 2005 11:19 am
by ^misantropia^
saturn wrote:Uhmmm....apparently they can generate the same MD5 Hash for different documents. This is a potential weakness for digital signatures.

http://www.cits.rub.de/MD5Collisions/

Maybe this is interesting for cryptographers/hackers :icon32:
It only works in special cases... for now. But since they've found a special case it probably won't be long before someone finds a way to apply it in general. There's an interesting Slashdot article here.

Posted: Thu Jun 16, 2005 12:14 pm
by saturn
I tried to read the comments, but it's all going over my head.

Posted: Thu Jun 16, 2005 12:32 pm
by seremtan
glossy wrote:
seremtan wrote:the password database of this bb is md5 hashed - isn't it?
yeah, it is.

the chances of md5 collisions on short strings like passwords and the like are too small to worry about, imo, and if you're calculating much larger documents, a stronger solution (with more detailed/longer output) should be used.
Hm, but I guess there will always be the possibility of collisions in the output of non-reversible algorithms so it was inevitable. I guess if the hex code is long enough it'll have more combinations than there are atoms in the universe or someshit, and problem solved.

Posted: Thu Jun 16, 2005 4:09 pm
by ^misantropia^
seremtan wrote:Hm, but I guess there will always be the possibility of collisions in the output of non-reversible algorithms so it was inevitable.
Correct. Moreover, since you lose information when hashing, collisions aren't a possibility, they are inevitable. The trick is getting two pieces of data to hash to the same value. Which is now feasible (since August 2004 already, actually).
seremtan wrote:I guess if the hex code is long enough it'll have more combinations than there are atoms in the universe or someshit, and problem solved.
Incorrect. Enlarging the hash is pointless if the underlying algorithm is weak.

Posted: Thu Jun 16, 2005 6:17 pm
by GONNAFISTYA
Fuckin nerds.

Posted: Thu Jun 16, 2005 7:52 pm
by Foo
seremtan wrote:the password database of this bb is md5 hashed - isn't it?
If someone generates a hash collision for your password on this site, all they get is access to your account here.

Generating a collision does not give you the original password. Indeed, the original password isn't stored ANYWHERE on the site, only the MD5 exists now.
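
An added example, not part of any post in this thread: it contrasts finding a collision (any two inputs with the same hash) with finding an input that matches one given stored hash, using MD5 truncated to 16 bits so both searches finish in seconds. The truncation width, the function names and the sample strings are assumptions made for the illustration.

```python
import hashlib
from itertools import count

BITS = 16  # assumption: keep only 16 bits of MD5 so the searches are fast


def tiny_md5(data: bytes, bits: int = BITS) -> int:
    """Return the first `bits` bits of the MD5 digest as an integer."""
    digest = hashlib.md5(data).digest()
    return int.from_bytes(digest, "big") >> (128 - bits)


def find_collision(bits: int = BITS):
    """Birthday search: any two distinct inputs with the same truncated hash.

    With 2**bits possible outputs, 2**bits + 1 distinct inputs must repeat
    a value (pigeonhole); in practice about 2**(bits/2) inputs are enough.
    """
    seen = {}
    for n in count():
        msg = b"doc-%d" % n          # constructed sample inputs
        h = tiny_md5(msg, bits)
        if h in seen:
            return seen[h], msg, n + 1
        seen[h] = msg


def find_preimage(target: int, bits: int = BITS):
    """Search for an input matching one fixed hash value (about 2**bits work).

    The input found matches the stored value but is not the original input.
    """
    for n in count():
        guess = b"guess-%d" % n      # constructed sample inputs
        if tiny_md5(guess, bits) == target:
            return guess, n + 1


if __name__ == "__main__":
    a, b, tries = find_collision()
    print(f"collision after {tries} inputs: {a!r} / {b!r}")
    stored = tiny_md5(b"constructed-password")   # what a database would hold
    guess, tries = find_preimage(stored)
    print(f"match for stored value after {tries} guesses: {guess!r}")
```

At the full 128-bit width the same generic searches cost on the order of 2^64 and 2^128 hash computations respectively, which is why the two problems are treated separately when judging a hash function.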