Author Topic: Is MD5 dead? (Read 5408 times)

quixin · « **on:** December 01, 2007, 03:40:11 AM »

What do you guys make of this?

Quote

We announce two different Win32 executable files with different functionality but identical MD5 hash values. This shows that trust in MD5 as a tool for verifying software integrity, and as a hash function used in code signing, has become questionable.

http://www.win.tue.nl/hashclash/SoftIntCodeSign/

Miquel 'Fire' Burns · « **Reply #1 on:** December 02, 2007, 02:37:25 AM »

Yea, it was bound to happen. Any hashing tool can have this. Also, unless they were also the same size, other checks should raise a red flag (Gentoo Portage uses three(I think) hashing tools plus file size to make sure the file is right)

Eric H. Jung · « **Reply #2 on:** December 03, 2007, 06:35:42 PM »

For the purposes of PasswordMaker, MD5 is still viable. The likelihood of two or more master passwords colliding is unbelievably low.

PasswordMaker Forums · « **Reply #2 on:** December 03, 2007, 06:35:42 PM »

PasswordMaker Forums

Author Topic: Is MD5 dead? (Read 5408 times)

quixin

Is MD5 dead?

Miquel 'Fire' Burns

Re: Is MD5 dead?

Eric H. Jung

Re: Is MD5 dead?

PasswordMaker Forums

Re: Is MD5 dead?