Date sent: Sat, 21 Apr 2001 08:06:03 -0400
From: Rich Salz <[EMAIL PROTECTED]>
To: "Kenneth R. Robinette" <[EMAIL PROTECTED]>
Copies to: [EMAIL PROTECTED]
Subject: Re: MD5 and X509
Send reply to: [EMAIL PROTECTED]
Rich
Yes, it's the hint that I am wondering about. If I do an MD5 signature
on the modulus of a public key, then take the first four bytes of the
resulting signature as an unsigned long to be used to create a
unique identifier, how unique is it? Apparently Eric Young
concluded that the first four bytes of the resulting signature of a cert
subject was unique enough to create lookup indexes. I was just
wondering what kind of trouble you could get into with this
conclusion.
Ken
> In the X509 functions, there are several that compute an MD5
> fingerprint and use only the first four bytes of the resulting 16 byte
> fingerprint (such as X509_subject_name_hash). The MD5
> documentation states that the 16 byte fingerprint is quite unique
> (2^64), how unique is the resulting 32 bit long value?
The MD5 documentation is rather optimistic. :) While it hasn't been
broken, per se, Dobbertin has found enough proof that the IETF
dis-recommends MD5 as a hash mechanism, leaving only SHA-1. (And,
presumably, SHA-nnn when they're released.)
In these cases you mention, however, MD5 isn't being used as a
cryptographic message digest, but rather a hash "hint" for lookups.
No worries, mate.
/r$
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
__________________________________________________
Support
InterSoft International, Inc.
Voice: 888-823-1541, International 281-398-7060
Fax: 888-823-1542, International 281-560-9170
[EMAIL PROTECTED]
http://www.securenetterm.com
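
An added example, not part of the original thread and not OpenSSL's code: it estimates how often a 32-bit value cut from the first four bytes of an MD5 digest collides (the birthday bound), and shows a lookup index that uses the value only to pick a bucket and then compares the full key. The names `hint`, `collision_probability`, `HintIndex` and `demo_names`, the little-endian byte order, and the `example.test` subject names are assumptions made for this illustration.

```python
import hashlib
import math
from collections import defaultdict


def hint(data: bytes, nbytes: int = 4) -> int:
    """First nbytes of the MD5 digest as an unsigned integer.
    Little-endian byte order is an assumption of this example."""
    return int.from_bytes(hashlib.md5(data).digest()[:nbytes], "little")


def collision_probability(n: int, bits: int = 32) -> float:
    """Birthday approximation: chance that n random inputs include at
    least one pair sharing a bits-wide hint."""
    return -math.expm1(-n * (n - 1) / 2.0 / 2.0 ** bits)


class HintIndex:
    """Lookup table keyed by the truncated hash. The hint only picks a
    bucket; the full key is compared before anything is returned."""

    def __init__(self, nbytes: int = 4):
        self.nbytes = nbytes
        self.buckets = defaultdict(list)

    def add(self, key: bytes, value) -> None:
        self.buckets[hint(key, self.nbytes)].append((key, value))

    def lookup(self, key: bytes):
        for stored, value in self.buckets.get(hint(key, self.nbytes), []):
            if stored == key:          # full comparison resolves collisions
                return value
        return None


def demo_names(count: int):
    """Constructed subject names, not taken from real certificates."""
    return [b"CN=host%d.example.test" % i for i in range(count)]


if __name__ == "__main__":
    for n in (1000, 77163, 1000000):
        print(n, round(collision_probability(n), 4))
    idx = HintIndex(nbytes=1)          # 1-byte hint forces collisions
    for i, name in enumerate(demo_names(300)):
        idx.add(name, i)
    print("largest bucket:", max(len(b) for b in idx.buckets.values()))
```

The one-byte hint in the demo guarantees shared buckets among 300 names, so the full-key comparison in `lookup` is what keeps the results correct.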