MD5 and SHA cracked/broken...

Magnus Lie Hetland mlh at furu.idi.ntnu.no
Sat Sep 11 18:59:56 CEST 2004


I saw this in an article referenced from slashdot a while back, and it
occurred to me that it might be relevant here...

Basically, at Crypto 2004 preliminary papers were presented that
pointed out weaknesses in MD5, SHA-0 and SHA-1. As far as I can tell,
MD5 is broken and SHA-1 seems to be in a precarious position (even
though I don't know the details at all).

Perhaps it would be appropriate to add a note, warning or "See also"
to the library documentation for the md5 and sha modules?

Of course, these modules don't give any guarantees, but their
functionality does seem to imply a certain level of security
(especially SHA, whose name even includes the name "secure"). If this
name no longer holds, a "heads up" might be useful.

Does anyone understand enough crypto-speak to figure out how
problematic this all is, and what applications should be avoided?

Also -- are there any alternative one-way functions that are still
considered safe, and that could be useful as Python modules (in place
of, perhaps, md5 and sha)?

-- 
Magnus Lie Hetland       The time you enjoy wasting is not wasted time
http://hetland.org                                  -- Bertrand Russel



More information about the Python-list mailing list