--On December 1, 2007 2:20:21 PM -0500 Tim <[EMAIL PROTECTED]> wrote:
>> because they perform risk-analysis:
>> - what are the threats to my assets?
>> - which role does MD5 play there?
>> - any subsequent risk then from using it?
>> - high priority risk? mitigating controls or risk acceptance?
>
> Don't kid yourself. Very few businesses in my experience think about
> this stuff when they go to use a hash. Most just use whatever hash
> they're used to using. I rarely see clients actually sitting down and
> thinking about what the application of a given hash is and what the
> threats are in their specific case.
>
>> would you be so kind to show me a real-world attack against a VPN
>> using MD5 hashing? ...
>
> Assuming there are no real-world attacks against your particular VPN
> that uses MD5, does that make it safe for the rest of us in any given
> application? A rather leading question IMO.
>

While I don't think it's time to panic, it's definitely time to begin
moving to SHA-256 and stop using MD-5. FreeBSD has already done so in
its ports system, although you can still use MD-5 as well. But far too
many downloads still use MD-5 or **no checksum at all**, and that is a
problem.

While collisions in MD-5 are now proven, what I've not seen yet is the
ability to alter a legitimate file or tarball yet generate the same
checksum. It *is* theoretically possible, however, and the fact that
collisions have been proven should be enough to begin abandoning its
use IMO.

Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
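An added illustration (my code, not part of the thread or of FreeBSD's ports tooling) of the download-checking policy the post argues for: a SHA-256 digest verifies a file on its own, MD5 is tolerated only alongside it and flagged as weak, and no checksum at all is a failure. The `{algorithm: hexdigest}` manifest shape and the sample file bytes are assumptions constructed for the example.

```python
import hashlib

# Constructed stand-in for a fetched distfile; not a real archive.
SAMPLE_TARBALL = b"example-1.0.tar.gz (constructed sample bytes)\n"

STRONG = {"sha256", "sha512"}   # collision-resistant; sufficient on their own
LEGACY = {"md5", "sha1"}        # collision-prone; only tolerated next to a strong digest


def digest(data: bytes, algo: str) -> str:
    """Hex digest of data under the named hashlib algorithm."""
    h = hashlib.new(algo)
    h.update(data)
    return h.hexdigest()


def verify_download(data: bytes, manifest: dict) -> tuple:
    """Check data against a {algorithm: hexdigest} manifest (assumed shape).

    Returns (status, detail):
      "ok"   - every listed digest matched and at least one was collision-resistant
      "weak" - every listed digest matched, but only MD5/SHA-1 were available
      "fail" - some digest mismatched, or the manifest carried no checksum at all
    """
    if not manifest:
        return ("fail", "no checksum supplied")
    for algo, expected in manifest.items():
        # Any mismatch is a hard failure, even on a legacy algorithm.
        if digest(data, algo) != expected.lower():
            return ("fail", f"{algo} mismatch")
    if STRONG & manifest.keys():
        return ("ok", "strong digest verified")
    # Matching only MD5/SHA-1 says little against a crafted collision.
    return ("weak", "only legacy digests verified: " + ",".join(sorted(manifest)))


if __name__ == "__main__":
    good = {"sha256": digest(SAMPLE_TARBALL, "sha256"),
            "md5": digest(SAMPLE_TARBALL, "md5")}
    print(verify_download(SAMPLE_TARBALL, good))
    print(verify_download(SAMPLE_TARBALL, {"md5": good["md5"]}))
    print(verify_download(SAMPLE_TARBALL, {}))
```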
