[Cryptography] let's kill md5sum!
Ray Dillinger
bear at sonic.net
Sun Jun 7 15:14:39 EDT 2015
On 06/06/2015 12:42 PM, Tom Mitchell wrote:
> On Fri, Jun 5, 2015 at 7:22 PM, Zooko Wilcox-OHearn <
> zooko at leastauthority.com> wrote:
>
>> Dear Perry's Crypto List folks:
>>
>> The time has come to kill off md5sum.
> Well killing it is not an easy option. Storage and historic data
> might have a md5 check sum to validate it. Many more cases
> will turn up to the point that killing it is not an option.
We're already trying to stop it from spreading. The relevant
section from the md5sum man page already says:
>BUGS
> The MD5 algorithm should not be used any more for
> security related purposes. Instead, better use an SHA-2
> algorithm, implemented in the programs sha224sum(1),
> sha256sum(1), sha384sum(1), sha512sum(1)
So anybody who uses it in a new application is making a well-
known, documented, mistake.
Killing it is a harder proposition because it involves getting
rid of existing uses with an entrenched set of applications.
But Zooko is absolutely right; painful or not, hard or not, it
does need to be done.
Probably the first major step that need be taken is to get
the utilities that the operating system depends on fixed.
Once that is done, it will become possible for a linux distro
to simply NOT INSTALL md5sum by default.
Debian's licensing policy strongly deprecates anything whose
license is "non-free" as they understand freedom, making a
hard requirement that nothing installed by default may depend
on it. A very similar "security policy" should be written and
used regarding anything that depends on known-broken features
like MD5sum. "Insecure" is at least as bad as "non-free."
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150607/47585254/attachment.sig>
More information about the cryptography
mailing list