Jon Callas wrote:
> Hans Dobbertin found some weaknesses in MD5 in 1996. I found two quickie
> references, a note by Dobbertin on the issue:
>
> http://www.math.ohio-state.edu/~fiedorow/PGP/MD5_discussion
>
> and his paper on the weaknesses:
>
> http://www.cs.ucsd.edu/users/bsy/dobbertin.ps
>
> The short answer is that he found weaknesses in MD5 similar to the
> weaknesses found in MD4 before it was broken.
...

Also note that RFC 2104 on the HMAC construction used in IPSEC
explicitly cites Dobbertin and says the attack does not apply:

   ... MD5 has been recently shown to be vulnerable to collision
   search attacks [Dobb]. This attack and other currently known
   weaknesses of MD5 do not compromise the use of MD5 within HMAC
   as specified in this document
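As an added illustration that is not part of the original post: the RFC 2104 construction written out in Python, HMAC(K, m) = H((K xor opad) || H((K xor ipad) || m)), so it is visible that the message is only hashed after a secret key block and that the inner digest is hashed again under the key. The function names are this example's own; the sample key and message are the first HMAC-MD5 test case from RFC 2202.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # MD5 block length in bytes ("B" in RFC 2104)


def hmac_md5(key: bytes, message: bytes) -> bytes:
    """HMAC-MD5 built directly from the RFC 2104 definition."""
    # Keys longer than one block are hashed first; the result is then
    # zero-padded on the right to exactly one block.
    if len(key) > BLOCK_SIZE:
        key = hashlib.md5(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")

    ipad = bytes(b ^ 0x36 for b in key)  # inner pad
    opad = bytes(b ^ 0x5C for b in key)  # outer pad

    # Inner hash: the compression function has already absorbed a secret
    # block before any message byte is processed.
    inner = hashlib.md5(ipad + message).digest()
    # Outer hash: the inner digest is never exposed; it is re-hashed
    # under a second key-derived block.
    return hashlib.md5(opad + inner).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time tag check, as a receiver would perform it."""
    return hmac.compare_digest(hmac_md5(key, message), tag)


# RFC 2202, HMAC-MD5 test case 1
RFC2202_KEY = b"\x0b" * 16
RFC2202_MSG = b"Hi There"
RFC2202_TAG = bytes.fromhex("9294727a3638bb1c13f48ef8158bfc9d")

if __name__ == "__main__":
    tag = hmac_md5(RFC2202_KEY, RFC2202_MSG)
    print("tag:", tag.hex())
    print("matches RFC 2202:", tag == RFC2202_TAG)
    print("matches stdlib hmac:",
          tag == hmac.new(RFC2202_KEY, RFC2202_MSG, hashlib.md5).digest())
    print("altered message accepted:",
          verify(RFC2202_KEY, b"Hi there", RFC2202_TAG))
```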