Hi Alicia,

> A number of months ago, I came across a website that had illustrated
> a MD5 weakness by providing two different pieces of readable English
> plaintext, with one or more words changed from the other, that had
> the exact same MD5 hash.

As far as I know, no-one has published any collisions for the 
full MD5. Hans Dobbertin published a collision for the compression 
function of MD5, relying upon a specially chosen IV rather than 
the one specified by MD5. 

I would guess you saw a collision for MD4, not MD5. As I recall 
Dobbertin had an English-language collision for MD4 in his 
"Cryptanalysis of MD4" paper at FSE and in J. Cryptology.

Hope this helps
-Lewis

Lewis McCarthy           [EMAIL PROTECTED]   1-650-694-6813
Software Engineer        Critical Path Inc. L.A.S.E.R.
See how thought travels at http://www.criticalpath.net

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to