Re: MD5 or SHA code

C Matthew Curtin (cmcurtin@interhack.net)
Fri, 21 Aug 1998 08:17:07 -0400 (EDT)

• Next message: C Matthew Curtin: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Previous message: Mark Tillotson: "Re: MD5 or SHA code"
• In reply to: Rick Campbell: "Re: MD5 or SHA code"
• Next in thread: bram: "Re: MD5 or SHA code"
• Reply: bram: "Re: MD5 or SHA code"

>>>>> "Dan" == Daniel R Oelke <Dan.Oelke@aud.alcatel.com> writes:

Dan> Ok, I have the crypto2.0 and crypto2.3 libraries, but am having a
Dan> hard time extracting *just* the MD5 or SHA code from it.

You might also want to be aware that Hans Dobbertin has done some
interesting attacks against MD5. While he hasn't shown real breakage
in any sense, he argues that his results look like some of the early
results against MD4, and that we might want to avoid MD5 for new
applications.

See CryptoBytes, v2n2,
<http://www.rsa.com/rsalabs/pubs/cryptobytes/html/article_index.html>

I'm curious what others think about the attack, and whether it's
paranoia to suggest avoiding MD5.

-- 
Matt Curtin cmcurtin@interhack.net http://www.interhack.net/people/cmcurtin/

• Next message: C Matthew Curtin: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Previous message: Mark Tillotson: "Re: MD5 or SHA code"
• In reply to: Rick Campbell: "Re: MD5 or SHA code"
• Next in thread: bram: "Re: MD5 or SHA code"
• Reply: bram: "Re: MD5 or SHA code"