Practical MD5 collisions

Monday 13 June 2005

Last August, we heard about MD5 collisions, where two contrived strings would hash to the same MD5 fingerprint. That was a theoretical flaw in MD5, but it wasn’t clear how you could really use it to subvert the security of a system. Well, now Magnus Daum and Stefan Lucks can create two PostScript files with completely different contents, but the same MD5 hash.

Don’t trust MD5 for security!

Comments

Add a comment:

Ignore this:
Leave this empty:
Name is required. Either email or web are required. Email won't be displayed and I won't spam you. Your web site won't be indexed by search engines.
Don't put anything here:
Leave this empty:
URLs auto-link and some tags are allowed: <a><b><i><p><br><pre>.