MD5 and SHA cracked/broken...

Magnus Lie Hetland mlh at
Sat Sep 11 18:59:56 CEST 2004

I saw this in an article referenced from slashdot a while back, and it
occurred to me that it might be relevant here...

Basically, at Crypto 2004 preliminary papers were presented that
pointed out weaknesses in MD5, SHA-0 and SHA-1. As far as I can tell,
MD5 is broken and SHA-1 seems to be in a precarious position (even
though I don't know the details at all).

Perhaps it would be appropriate to add a note, warning or "See also"
to the library documentation for the md5 and sha modules?

Of course, these modules don't give any guarantees, but their
functionality does seem to imply a certain level of security
(especially SHA, whose name even includes the name "secure"). If this
name no longer holds, a "heads up" might be useful.

Does anyone understand enough crypto-speak to figure out how
problematic this all is, and what applications should be avoided?

Also -- are there any alternative one-way functions that are still
considered safe, and that could be useful as Python modules (in place
of, perhaps, md5 and sha)?

Magnus Lie Hetland       The time you enjoy wasting is not wasted time                                  -- Bertrand Russel

More information about the Python-list mailing list