Slashdot Mirror


MD5 Collision Source Code Released

SiliconEntity writes "The crypto world was shaken to its roots last year with the announcement of a new algorithm to find collisions in the still widely-used MD5 hash algorithm. Despite considerable work and commentary since then, no source code for finding such collisions has been published. Until today! Patrick Stach has announced the availability of his source code for finding MD5 collisions and MD4 collisions (Coral cache links provided to prevent slashdotting). MD4 collisions can be found in a few seconds (but nobody uses that any more), while MD5 collisions (still being used!) take 45 minutes on a 1.6 GHz P4. At last we will be able to implement various attacks which have been purely hypothetical until now. This more than anything should be the final stake in the heart of MD5, now that anyone can generate collisions whenever they want."

6 of 411 comments

  1. 1.6GHz P4? by CCFreak2K · · Score: 0, Redundant

    My desktop PC is a Pentium 4 at 1.5GHz, and even that thing is considerably slower compared to my 1.5GHz Celeron-M. A modern PC could crack it even faster.

    --
    "Beware of he who would deny you access to information, for in his heart he dreams himself your master."
  2. Torrent Poisoning by dduardo · · Score: 0, Redundant

    Does this mean the RIAA/MPAA can poison torrents by generating files with the same hash?

  3. Next Version by winphreak · · Score: 1, Redundant

    So... When will MD6 come about? (yes, a weak version number pun, I know)

    --
    "I'm a well-wisher, in that I don't wish you any specific harm."
  4. Re:shaken to our what? by tomstdenis · · Score: 0, Redundant

    I was talking about 5 years ago. Though I wouldn't trust SHA-2 today anyways. The design is just not sound.

    It's practically secure [SHA-2] as to be useful today but I wouldn't be happy about it.

    Tom

    --
    Someday, I'll have a real sig.
  5. We're doomed by ThereCanBeOnlyOne007 · · Score: 0, Redundant

    Dooooomed.

  6. Easy cracking of linux user passwords by camcorder · · Score: 0, Redundant

    Actually this tool makes cracking Linux user passwords on glibc 2.2 easy, as this version of glibc uses MD5 to encode in the crypt function. It would only be a matter of time to crack if an attacker gets the shadow file (or maybe the passwd file on systems where the shadow suite is not installed). There's no reason to use a dictionary attack or something, just find collision text and use this text as the login password.

    I really find this extremely scary, as there're lots of p0wned machines around; now it will be easy for attackers to hide themselves (i.e. they won't need to keep an open port to be uid zero after the first intrusion). Actually it's better to patch the crypt function to use other, more secure algorithms.
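A check a defender can run for the mitigation the comment above suggests (added here, not code from the thread): it audits shadow-format entries and flags accounts whose usable password hash still uses $1$ md5crypt or 13-character DES crypt, so they can be rehashed under sha512crypt or yescrypt at the next password change. An MD5 collision pair does not by itself yield a password matching a stored md5crypt hash (that would need a preimage, and md5crypt salts and iterates MD5), but retiring MD5-based crypt is still the right move; the sample shadow lines below are constructed, not real accounts.

```python
import re

# Constructed /etc/shadow-style sample (not real accounts or hashes); the hash
# fields only need the right prefix or shape for the classifier to work.
SAMPLE_SHADOW = """\
root:$6$c0nstructedSalt$FakeSha512CryptHashValueForIllustrationOnly:19000:0:99999:7:::
alice:$1$c0nstrct$FakeMd5CryptHashForIllustr:19000:0:99999:7:::
carol:$y$j9T$c0nstructedSaltValue$FakeYescryptHashValueForIllustration:19000:0:99999:7:::
dave:abJnggxhB/yWI:19000:0:99999:7:::
svc:*:19000:0:99999:7:::
eve:!$1$c0nstrct$FakeMd5CryptHashForIllustr:19000:0:99999:7:::
"""

# Password-hash scheme by crypt(3) prefix; $1$ is the MD5-based md5crypt.
PREFIXES = {
    "$1$": "md5crypt",
    "$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt",
    "$5$": "sha256crypt",
    "$6$": "sha512crypt",
    "$y$": "yescrypt",
}
WEAK = ("md5crypt", "descrypt")  # MD5- or DES-based schemes: migrate these

def classify_hash(field):
    """Return (scheme, locked) for one shadow password field."""
    locked = field.startswith("!")      # '!' prefix means the account is locked
    h = field.lstrip("!")
    if h in ("", "*"):                   # no usable password at all
        return "none", True
    for prefix, scheme in PREFIXES.items():
        if h.startswith(prefix):
            return scheme, locked
    if re.fullmatch(r"[./0-9A-Za-z]{13}", h):   # traditional 13-char DES crypt
        return "descrypt", locked
    return "unknown", locked

def audit_shadow(text):
    """Parse shadow-format lines into (user, scheme, locked) tuples."""
    out = []
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) >= 2 and not line.startswith("#"):
            out.append((parts[0], *classify_hash(parts[1])))
    return out

def weak_accounts(text):
    """Users whose usable password hash still relies on md5crypt or descrypt."""
    return [u for u, scheme, locked in audit_shadow(text)
            if not locked and scheme in WEAK]
```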