Timm Murray:
> To my knowledge (which is admittedly limited in this area; well, a lot of
> areas), MD5 was not completely broken, though it has been weakened somewhat.
> Not enough to completely deprecate its use, but enough that many
> cryptographers will even choose something developed by NIST rather than use
> MD5.

128-bit hashes are almost vulnerable to birthday attacks. Trying 7 trillion keys/second for a month may sound outlandish, but you could build a special machine if you had a million bucks. Now it's also true that MD5's compression function likes to spit out collisions, but this alone hasn't broken MD5.
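The arithmetic behind the birthday estimate in the reply above, as an added example that is not part of the original thread: it finds a collision on MD5 truncated to 32 bits in roughly 2^16 hashes, then scales the same square-root bound to the full 128-bit digest at the 7 trillion hashes/second rate quoted. The truncation width, message format and function names are assumptions of this example.

```python
import hashlib
import math

def truncated_md5(data: bytes, bits: int) -> int:
    """Top `bits` bits of MD5(data): a toy n-bit hash for the demo."""
    return int.from_bytes(hashlib.md5(data).digest(), "big") >> (128 - bits)

def birthday_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest.

    Returns (msg_a, msg_b, hashes_computed). The lookup table grows with the
    work done, so this only scales to small widths.
    """
    seen = {}
    counter = 0
    while True:
        msg = b"constructed-input-%d" % counter  # constructed sample input
        h = truncated_md5(msg, bits)
        if h in seen:
            return seen[h], msg, counter + 1
        seen[h] = msg
        counter += 1

def birthday_work(bits: int) -> float:
    """Order-of-magnitude birthday bound for an n-bit hash: 2^(n/2) hashes."""
    return 2.0 ** (bits / 2)

def days_at_rate(bits: int, hashes_per_second: float) -> float:
    """Days needed to compute 2^(n/2) hashes at the given rate."""
    return birthday_work(bits) / hashes_per_second / 86400

if __name__ == "__main__":
    a, b, n = birthday_collision(32)
    print(f"32-bit truncation: {a!r} / {b!r} collide after {n} hashes "
          f"(2^16 = {2**16})")
    # Rate taken from the reply: 7 trillion hashes per second.
    print(f"128-bit digest: 2^64 hashes take {days_at_rate(128, 7e12):.1f} days")
    # Doubling the digest length squares the work: 2^80 hashes for 160 bits.
    print(f"160-bit digest: {days_at_rate(160, 7e12) / 365:.0f} years")
```

The point for anyone choosing a digest length: collision resistance is bounded by half the output size, so a 128-bit hash offers about 64 bits of work against collisions regardless of any weakness in the compression function.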