Practical MD5 collisions

Monday 13 June 2005

Last August, we heard about MD5 collisions, where two contrived strings would hash to the same MD5 fingerprint. That was a theoretical flaw in MD5, but it wasn't clear how you could really use it to subvert the security of a system. Well, now Magnus Daum and Stefan Lucks can create two PostScript files with completely different contents, but the same MD5 hash.

Don't trust MD5 for security!

Comments

Add a comment:

name
email
Ignore this:
not displayed and no spam.
Leave this empty:
www
not searched.
 
Name and either email or www are required.
Don't put anything here:
Leave this empty:
URLs auto-link and some tags are allowed: <a><b><i><p><br><pre>.