Slashdot Mirror


MD5 To Be Considered Harmful Someday

Effugas writes "I've completed an applied security analysis (pdf) of MD5 given Xiaoyun Wang et al's collision attack (covered here and here). From an applied perspective, the attack itself is pretty limited -- essentially, we can create 'doppelganger' blocks (my term) anywhere inside a file that may be swapped out, one for another, without altering the final MD5 hash. This lets us create any number of binary-inequal files with the same md5sum. But MD5 uses an appendable cascade construction -- in other words, if you happen to find yourself with two files that MD5 to the same hash, an arbitrary payload can be applied to both files and they'll still have the same hash. Wang released the two files needed (but not the collision finder itself). A tool, Stripwire, demonstrates the use of colliding datasets to create two executable packages with wildly different behavior but the same MD5 hash. The faults discovered are problematic but not yet fatal; developers (particularly of P2P software) who claim they'd like advance notice that their systems will fail should take note."
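
The appendable property described in the summary can be seen on a small scale. The following is an added example, not code from the submission or from Stripwire: it builds a toy iterated hash with a 24-bit chaining value (truncated MD5, an assumption made so that a collision can be brute-forced in moments), finds two colliding blocks, and shows that an identical payload appended to both keeps the toy hashes equal while SHA-256 tells the files apart. All function names are hypothetical.

```python
import hashlib
from itertools import count

STATE_BYTES = 3            # toy chaining-value size (assumption; real MD5 keeps 16 bytes)
BLOCK = 64                 # MD5 processes input in 64-byte blocks
IV = b"\x00" * STATE_BYTES # constructed initial value for the toy hash

def compress(state: bytes, block: bytes) -> bytes:
    """Toy compression function: MD5(state || block), truncated."""
    return hashlib.md5(state + block).digest()[:STATE_BYTES]

def toy_hash(msg: bytes) -> bytes:
    """Iterated hash: pad with 0x80, zeros and the length, then chain blocks."""
    padded = msg + b"\x80"
    padded += b"\x00" * (-(len(padded) + 8) % BLOCK)
    padded += len(msg).to_bytes(8, "little")
    state = IV
    for i in range(0, len(padded), BLOCK):
        state = compress(state, padded[i:i + BLOCK])
    return state

def find_doppelgangers(state: bytes = IV):
    """Birthday search for two distinct blocks with the same chaining value."""
    seen = {}
    for n in count():
        block = n.to_bytes(BLOCK, "big")
        out = compress(state, block)
        if out in seen:
            return seen[out], block
        seen[out] = block

def demo(payload: bytes = b"constructed payload appended to both files"):
    a, b = find_doppelgangers()
    file_a, file_b = a + payload, b + payload
    return {
        "blocks_differ": a != b,
        # Same internal state after block one, same suffix, same length:
        # every later step is identical, so the final digests match.
        "toy_equal": toy_hash(file_a) == toy_hash(file_b),
        # A hash with no known collisions still distinguishes the files.
        "sha256_equal": hashlib.sha256(file_a).digest()
                        == hashlib.sha256(file_b).digest(),
    }

if __name__ == "__main__":
    print(demo())
```

Comparing downloads with a second, stronger digest, as the `sha256_equal` check does, is the practical way to notice two files that share an MD5 sum.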

2 of 401 comments

  1. Re:It actually easy to see this by pclminion · Score: 0, Flamebait

    You're full of shit. Put up or shut up.

  2. "Doppelganger" "my term" by Maxite · Score: 0, Flamebait

    "... essentially, we can create 'doppelganger' blocks (my term)..."

    Doppelganger is a term that I have seen used on the TV show Sealab 2021 quite a few times.

    www.adultswim.com has information on the TV show of Sealab 2021 if anyone is interested.

    Quite interesting to see someone go around and claim words as their own. In that case, I claim the word "the". Anyone who wishes to use the word "the" can submit enough money to fill a Library of Congress for a license.

    --
    Ah, you found me!