/dev/random and /dev/urandom

Poul-Henning Kamp phk at phk.freebsd.dk
Mon May 12 01:41:12 PDT 2003

In message <20030512083807.GL73391 at netch.kiev.ua>, Valentin Nechayev writes:
> Sun, May 11, 2003 at 23:29:32, phk wrote about "Re: /dev/random and /dev/urandom": 
>> There is one current concern with MD5: over-ratio of collisions.
>> What this means is that it may be a bit too easy to find a
>> MD5 input which generates a given MD5 output.
>Sorry, I might forget cryptography news for a few last years.
>Do you say there is _real_ example of two different data streams producing
>identical MD5 output _of its full length_?
>Please show an URL if things are already on this way...

No, but research has shown that this _may_ not be as hard to
accomplish as previously expected.

Appearantly this has got a lot of people jumping up and down,
pointing fingers at MD5, which IMO is an overreaction.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the freebsd-bugs mailing list