Report of collision-generation with MD5
Jan Grant
Jan.Grant at bristol.ac.uk
Thu Aug 26 06:36:09 PDT 2004
On Wed, 18 Aug 2004, Mike Tancsa wrote:
> If someone can pad an archive to come
> up with the same MD5 hash, this would challenge the security of the FreeBSD
> ports system no ?
You are correct. However, that is not what the paper is demonstrating.
It's showing how to find two separate strings that you can tack on the
end of a arbitrary file (the strings are parameterised by file contents)
and the resulting MD5 hashes of both new files will be the same. They
will not be the same as that of the original file.
--
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
That which does not kill us goes straight to our thighs.
More information about the freebsd-security
mailing list