"James A. Donald" <[EMAIL PROTECTED]> writes:

> --
> On 6 Dec 2004 at 16:14, Dan Kaminsky wrote:
>> * Many popular P2P networks (and innumerable distributed
>> content databases) use MD5 hashes as both a reliable search
>> handle and a mechanism to ensure file integrity. This makes
>> them blind to any signature embedded within MD5 collisions.
>> We can use this blindness to track MP3 audio data as it
>> propagates from a custom P2P node.
>
> This seems pretty harmful right now, no need to wait for
> someday.
>
> But even back when I implemented Crypto Kong, the orthodoxy was
> that one should use SHA1, even though it is slower than MD5, so
> it seems to me that MD5 was considered harmful back in 1997,
> though I did not know why at the time, and perhaps no one knew
> why.

Dobbertin's collision in the MD5 compression function was published in May of 1996.

-Ekr

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
