Stefan Lucks <[EMAIL PROTECTED]> writes: > Magnus Daum and myself have generated MD5-collisons for PostScript files: > > http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/ > > This work is somewhat similar to the work from Mikle and Kaminsky, except > that our colliding files are not executables, but real documents. > > We hope to demonstrate how serious hash function collisions should be > taken -- even for people without much technical background. And to help > you, to explain these issues > > - to your boss or your management, > - to your customers, > - to your children ...
While this is a clever idea, I'm not sure that it means what you imply it means. The primary thing that makes your attack work is that the victim is signing a program which he is only able to observe mediated through his viewer. But once you're willing to do that, you've got a problem even in the absence of collisions, because it's easy to write a program which shows different users different content even if you without hash collisions. You just need to be able to write conditionals. For more, including an example, see: http://www.educatedguesswork.org/movabletype/archives/2005/06/md5_collisions.html -Ekr --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]