Hi Alicia,
> A number of months ago, I came across a website that had illustrated
> a MD5 weakness by providing two different pieces of readable English
> plaintext, with one or more words changed from the other, that had
> the exact same MD5 hash.
As far as I know, no-one has published any collisions for the
full MD5. Hans Dobbertin published a collision for the compression
function of MD5, relying upon a specially chosen IV rather than
the one specified by MD5.
I would guess you saw a collision for MD4, not MD5. As I recall
Dobbertin had an English-language collision for MD4 in his
"Cryptanalysis of MD4" paper at FSE and in J. Cryptology.
Hope this helps
-Lewis
Lewis McCarthy [EMAIL PROTECTED] 1-650-694-6813
Software Engineer Critical Path Inc. L.A.S.E.R.
See how thought travels at http://www.criticalpath.net
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]