Cryptographically Strong Software Distribution HOWTO

Sandy Harris sandy at storm.ca
Mon Jul 2 18:42:18 EDT 2001


Jon Callas wrote:

> Hans Dobbertin found some weaknesses in MD5 in 1996. I found two quickie
> references, a note by Dobbertin on the issue:
> 
> http://www.math.ohio-state.edu/~fiedorow/PGP/MD5_discussion
> 
> and his paper on the weaknesses:
> 
> http://www.cs.ucsd.edu/users/bsy/dobbertin.ps
> 
> The short answer is that he found weaknesses in MD5 similar to the
> weaknesses found in MD4 before it was broken. ...

Also note that RFC 2104 on the HMAC construction used in IPSEC
explicitly cites Dobbertin and says the attack does not apply:

   ... MD5 has been recently
   shown to be vulnerable to collision search attacks [Dobb].  This
   attack and other currently known weaknesses of MD5 do not compromise
   the use of MD5 within HMAC as specified in this document

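The RFC 2104 nesting the quoted passage relies on, written out as an added example (not code from this post or from RFC 2104 itself): the key is folded into both the inner and the outer hash, so neither MD5 invocation is ever applied to attacker-chosen data alone. The function names and the long-key sample are my own; the fixed test vector is HMAC-MD5 case 1 from RFC 2202.

```python
import hashlib
import hmac  # stdlib implementation, used only to cross-check and for compare_digest

BLOCK_SIZE = 64  # MD5's block size B in bytes (RFC 2104, section 2)


def hmac_md5(key: bytes, text: bytes) -> bytes:
    """RFC 2104 HMAC-MD5: H((K XOR opad) || H((K XOR ipad) || text)).

    Both hash invocations start from a secret, key-derived block, which is
    why a collision found on bare MD5 does not carry over to HMAC-MD5.
    """
    # RFC 2104: keys longer than B are first hashed down to L bytes.
    if len(key) > BLOCK_SIZE:
        key = hashlib.md5(key).digest()
    # The (possibly hashed) key is then zero-padded to exactly B bytes.
    key = key.ljust(BLOCK_SIZE, b"\x00")
    k_ipad = bytes(b ^ 0x36 for b in key)  # inner pad
    k_opad = bytes(b ^ 0x5C for b in key)  # outer pad
    inner = hashlib.md5(k_ipad + text).digest()
    return hashlib.md5(k_opad + inner).digest()


def verify_tag(key: bytes, text: bytes, expected_hex: str) -> bool:
    """Check a received HMAC-MD5 tag (e.g. on a distributed file) in constant time."""
    return hmac.compare_digest(hmac_md5(key, text), bytes.fromhex(expected_hex))


def matches_stdlib(key: bytes, text: bytes) -> bool:
    """Cross-check the hand-written construction against Python's hmac module."""
    return hmac.new(key, text, hashlib.md5).digest() == hmac_md5(key, text)


# RFC 2202 test case 1 for HMAC-MD5 (key = 0x0b * 16, text = "Hi There").
RFC2202_CASE1 = (b"\x0b" * 16, b"Hi There", "9294727a3638bb1c13f48ef8158bfc9d")

if __name__ == "__main__":
    key, text, digest = RFC2202_CASE1
    print("RFC 2202 case 1 verifies:", verify_tag(key, text, digest))
    # Constructed 80-byte key (> B) exercises the key pre-hashing step.
    print("long key matches stdlib:", matches_stdlib(b"\xaa" * 80, b"constructed sample data"))
```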