Home > mailing lists

Re: md5 collision generator - Mailing list pgsql-admin

From	Tom Lane
Subject	Re: md5 collision generator
Date	November 16, 2005 14:29:16
Msg-id	5967.1132154949@sss.pgh.pa.us Whole thread Raw
In response to	md5 collision generator (Wim Bertels <wim.bertels@khleuven.be>)
Responses	Re: md5 collision generator (Wim Bertels <wim.bertels@khleuven.be>) Re: md5 collision generator ("Matthew D. Fuller" <fullermd@over-yonder.net>)
List	pgsql-admin

Tree view

Wim Bertels <wim.bertels@khleuven.be> writes:
> the sourcecode of a md5 collision generator has been released,
> it takes about 45 minutes to generate.
> ..so to an "eve" with this knowledge md5 is almost the same as plain text..

Really?

The fact that you can construct pairs of strings with matching md5
hashes does not mean that you can find a string with the same md5 hash
as a given string.

The existence of this algorithm is disturbing, since it implies that MD5
is weaker than people thought, but it IS NOT a useful password cracker,
and there's no reason for immediate panic.

            regards, tom lane

pgsql-admin by date:

From: Wim Bertels
Date: 16 November 2005, 12:47:27
Subject: md5 collision generator

From: "Kevin Grittner"
Date: 16 November 2005, 14:39:01
Subject: Re: ERROR: could not read block

Re: md5 collision generator - Mailing list pgsql-admin

Previous

Next