Bugtraq mailing list archives
Re: MD5 To Be Considered Harmful Today
From: Dan Kaminsky <dan () doxpara com>
Date: Wed, 08 Dec 2004 14:23:11 -0800
Except you can't do this, since the appended data needs to be identical between the two files. That's why I used the encrypted payload -- it ties the semantic meaning of the embedded commands to posession of vec1's series of bits, which is of course what a cipher is meant to do.:~/misc/md5$ cat msg1 I agree to sell you my horse ^Fita^, its saddle and harness for price 14000 dollars. Signed Bara
Your payloads differ but the above line is incorrect. Your actual appended files:
$ cat msg1[terminal garbage]I agree to sell you my horse ^Fita^, its saddle and harness for price 1 000 dollars. Signed Bara
$ cat msg2[slightly different terminal garbage]I agree to sell you my horse ^Fita^, its saddle and harness for price 1 000 dollars. Signed Bara
--Dan
Current thread:
- Re: MD5 To Be Considered Harmful Someday, (continued)
- Re: MD5 To Be Considered Harmful Someday Paul Wouters (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Adam Shostack (Dec 09)
- Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Pavel Kankovsky (Dec 09)
- Re: MD5 To Be Considered Harmful Someday Solar Designer (Dec 13)
- Re: MD5 To Be Considered Harmful Someday George Georgalis (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Dan Kaminsky (Dec 08)
- Re: MD5 To Be Considered Harmful Today Dan Kaminsky (Dec 08)
- Re: MD5 To Be Considered Harmful Today Pavel Machek (Dec 08)
- Re: MD5 To Be Considered Harmful Today Dan Kaminsky (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Jack Lloyd (Dec 08)
- Re: MD5 To Be Considered Harmful Someday Jack Lloyd (Dec 08)