hi,
it is true that collisions have been found in md5 (and a lot of other hash functions of that `family', cfr. the links you mention).
this means that the hash functions should certainly no longer be used in applications relying on the collision-resistance of the hash function, e.g., everything where md5withRsa is used should be replaced (note that md5 was considered deprecated already mid-nineties), but the verification of password hashes, such as used in pam, relies on the hash function's one-way feature rather than on its collision-resistance...
cu, g.
-----------------------------------------------------------------------------
expert in just too late deliveries and applied cryptography
-----------------------------------------------------------------------------
mail: decockd:at:esat:dot:kuleuven:dot:ac:dot:be http://godot.be
      godot:at:advalvas:dot:be http://godot.studentenweb.org
      godot:at:godot:dot:be
web:  http://www.esat.kuleuven.ac.be/~decockd

On Tue, 24 Aug 2004, Robert Trebula wrote:
Hi,
Maybe you have already noticed - collisions have been found in the MD5 hashing algorithm:

http://eprint.iacr.org/2004/199.pdf
http://www.freedom-to-tinker.com/archives/000664.html
http://www.unixwiz.net/techtips/iguide-crypto-hashes.html

My question is: Is there an easy way to make my debian sid installation use something else (better) than md5 for various things? Namely SHA-1 with some longer output in PAM.

Thanks,
Robert
--
http://deepblue.sk/~r0b0/web/
PGP fingerprint: FEB3 D653 F918 8B07 83B1 E4BD A3ED B11E 1DD5 ACD7

