Dear diary, on Sat, Apr 16, 2005 at 04:58:15PM CEST, I got a letter
where "C. Scott Ananian" <[EMAIL PROTECTED]> told me that...
> On Sat, 16 Apr 2005, Brian O'Mahoney wrote:
>
> >(1) I _have_ seen real-life collisions with MD5, in the context of
> >    Document management systems containing ~10^6 ms-WORD documents.
>
> Dude!  You could have been *famous*!  Why the
> aitch-ee-double-hockey-sticks didn't you publish this when you found it?
> Seriously, man.
>
> Even given the known weaknesses in MD5, it would take much more than a
> million documents to find MD5 collisions.  I can only conclude that the
> hash was being used incorrectly; most likely truncated (my wild-ass guess
> would be to 32 bits; a collision is likely with > 50% probability in a
> million document store for a hash of less than 40 bits).
>
> I know the current state of the art here.  It's going to take more than
> just hearsay to convince me that full 128-bit MD5 collisions are likely.
> I believe there are only two or so known to exist so far, and those were
> found by a research team in China (which, yes, is fairly famous among the
> cryptographic community now after publishing a paper consisting of little
> apart from the two collisions themselves).

http://cryptography.hyperlink.cz/MD5_collisions.html

-- 
Petr "Pasky" Baudis
Stuff: http://pasky.or.cz/
C++: an octopus made by nailing extra legs onto a dog. -- Steve Taylor
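
Added example, not part of the original message or of git: the birthday estimate behind the quoted "less than 40 bits" remark, checked against MD5 truncated over a constructed corpus. The function names and the sample documents are assumptions made for the illustration.

```python
import hashlib
import math


def collision_probability(n_docs: int, bits: int) -> float:
    """Birthday approximation: chance that at least two of n_docs
    uniformly distributed `bits`-bit hashes are equal."""
    pairs = n_docs * (n_docs - 1) / 2
    return -math.expm1(-pairs / 2.0 ** bits)


def truncated_md5(data: bytes, bits: int) -> int:
    """Keep only the top `bits` bits of the 128-bit MD5 digest."""
    digest = hashlib.md5(data, usedforsecurity=False).digest()
    return int.from_bytes(digest, "big") >> (128 - bits)


def count_collisions(docs, bits: int) -> int:
    """Count documents whose truncated hash was already taken by an
    earlier document in the store."""
    seen = set()
    collisions = 0
    for doc in docs:
        key = truncated_md5(doc, bits)
        if key in seen:
            collisions += 1
        seen.add(key)
    return collisions


def sample_docs(n: int):
    """Constructed stand-in corpus: n distinct byte strings."""
    return [b"constructed document #%d" % i for i in range(n)]


if __name__ == "__main__":
    for bits in (32, 39, 40, 128):
        p = collision_probability(10**6, bits)
        print(f"{bits:3d}-bit hash, 10^6 documents: P(collision) ~ {p:.3g}")
    docs = sample_docs(70_000)
    for bits in (16, 128):
        print(f"{bits:3d}-bit, 70000 constructed docs: "
              f"{count_collisions(docs, bits)} collisions")
```

The estimate treats hash outputs as uniformly random, so it describes accidental collisions between ordinary documents, not collisions constructed on purpose like the pair linked above.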