MD5 Message Digest question
This is a discussion on MD5 Message Digest question within the Linux Security forums, part of the System Security and Security Related category; On 2004-12-18, Lawrence DčOliveiro wrote: > In article <cotr0e$4ri$2@news.dialog.net.pl>, &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
12-18-2004
|
|||
|
|||
Re: MD5 Message Digest question
On 2004-12-18, Lawrence DčOliveiro wrote:
> In article <cotr0e$4ri$2@news.dialog.net.pl>, > "Stachu 'Dozzie' K." <dozzie@dynamit.im.pwr.wroc.pl.nospam> wrote: > >>On 2004-12-04, Lawrence DOliveiro wrote: >>> In article <coq6c2$hrn$1@zcars0v6.ca.nortel.com>, >>> "Kian Goh" <kiangoh2700544@hotmail.com> wrote: >>> >>>>I understand that the MD5 Message Digest algorithm takes as input a message >>>>of arbitrary length and produces as output a 128-bit ``fingerprint'' or >>>>``message digest'' of the input. >>> >>> Nobody should be using MD5 or SHA-1 for any new development. Think of >>> them as supported only for backward-compatibility purposes. For new >>> development, I'd suggest something like RIPE-MD160. >> >>Why? Because of recent collisions? AFAIR for RIPE-MD160 there were >>collisions found, too. And I can't recall if there were found collisions >>for SHA-1, not for SHA-0. Can you give me a link? Google says nothing >>about to me. > ><http://news.com.com/Crypto+researche...00-1002_3-5313 > 655.html> mentions significant weaknesses in MD5 as well as flaws in > both SHA and SHA-1. In SHA-1 there is only a potential weakness for now, though it is disturbing. > I'm not aware of any equivalent weaknesses found in RIPE-MD160. Can you > give a reference for these? OK, I've made a mistake. It wasn't RIPE-MD160, but RIPE-MD. The paper is the first link in text you've pointed to: http://eprint.iacr.org/2004/199.pdf -- Stanislaw Klekot 
|
Linear Mode
