Bugtraq mailing list archives
Re: MD5 To Be Considered Harmful Someday
From: "David F. Skoll" <dfs () roaringpenguin com>
Date: Wed, 8 Dec 2004 13:52:56 -0500 (EST)
On Tue, 7 Dec 2004, Tim wrote:
Due to the slowness of public key, most digital signatures are performed on a digest of the original document.
I think it's time to change the way we do digital signatures to compute several hashes of the original document using different algorithms (SHA1, MD5, ...) and sign the concatenation of the resulting digests. Does any standard signing software do this yet? Also, it's probably a good idea to alter in some small and unpredictable way anything that you're asked to sign. (Add some spaces, add text like "Signed by David F. Skoll", etc.) This makes it impossible to precompute two versions that hash to the same value, though it's still not very good protection if it becomes easy to find MD5 collisions. Regards, David.
Current thread:
- MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 07)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07)
- Re: MD5 To Be Considered Harmful Someday Tim (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Dragos Ruiu (Dec 08)
- Re: MD5 To Be Considered Harmful Someday David F. Skoll (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Joel Maslak (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Steve Friedl (Dec 08)
- RE: MD5 To Be Considered Harmful Someday David Schwartz (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Keith Oxenrider (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Adam Shostack (Dec 09)
- Re: MD5 To Be Considered Harmful Someday Tim (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Gandalf The White (Dec 07)