On Thu, 07 Apr 2005 14:52:55 PDT, Mike Owen said: > As reported over the last few months, MD5 is very broken. MD5 > collisions are very easy to generate, with some reports of as little > as a few hours needed on reasonable hardware to generate a collision.
There's now a known attack for generating 2 strings that happen to hash to the same MD5 hash value fairly easily. The more general problem of generating a second string that hashes to an already known/fixed MD5 hash is still basically infeasible (unless you're a very well funded spook agency *and* know something the rest of us don't)...
pgpYZLM3HC6YW.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
