[Cryptography] let's kill md5sum!
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Mon Jun 8 05:12:24 EDT 2015
Heinz Diehl <htd+ml at fritha.org> writes:
>There are many use cases where its vulnerabilities are not a weakness, as
>e.g. in data mining, probabilistic string and pattern matching and many more.
>So why remove it (and breaking a lot of software)?
>
>The point is that its use as a cryptographic hash should be abandoned, but
>not its use in general.
Yup. There are a lot of cases where it's used as a kind of super-CRC32, to
detect data corruption on storage media rather than malicious alterations, and
it's perfectly adequate for that. It's nearly universally available and
provides a convenient means of verifying that your transfer via FTP or USB
flash didn't flip a few bits or lose some blocks somewhere.
Peter.
More information about the cryptography
mailing list