Better crypto hash functions, long, with code
Fri Aug 26 11:23:35 CEST 2005
Nice. Note that the Sourceforge bug for this issue indicates that
something is already being done about it. It just happens to have
been updated a day or so ago:

Note to skeptics: the attacks are pretty serious. Here's a demo of a
meaningful possible fraud resulting from knowing just one md5
collision, possibly found by somebody else:

Something similar can be done with SHA1 if a collision gets published.
The work factor for finding an SHA1 collision is now down to O(2**63),
which is within range of a distributed internet search.

The md5 attack relies on the md5's message-extension property (shared
by sha-1): if you find just one collision, you can easily generate an
"infinite" family of colliding messages.

Anyone know if the sha-2 hashes have that property?
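
The message-extension property mentioned in the post, shown as an added example that is not part of the original message: in an iterated (Merkle-Damgard) hash, two equal-length messages that reach the same chaining value keep colliding when the same suffix is appended to both. The toy hash, its 24-bit state, its 8-byte block and all function names are assumptions chosen so that a collision can be found in well under a second; it is not md5 itself.

```python
import hashlib
import itertools

BLOCK = 8   # toy block size in bytes (assumption)
STATE = 3   # toy 24-bit chaining value, small enough to collide quickly
IV = b"\x00" * STATE


def compress(state: bytes, block: bytes) -> bytes:
    """Toy compression function: md5(state || block) truncated to STATE bytes."""
    return hashlib.md5(state + block).digest()[:STATE]


def toy_hash(msg: bytes) -> bytes:
    """Merkle-Damgard iteration with length padding, the same shape md5 uses."""
    padded = msg + b"\x80"
    padded += b"\x00" * (-len(padded) % BLOCK)
    padded += len(msg).to_bytes(8, "big")
    state = IV
    for i in range(0, len(padded), BLOCK):
        state = compress(state, padded[i:i + BLOCK])
    return state


def find_block_collision():
    """Birthday search: two distinct one-block messages with equal chaining value."""
    seen = {}
    for n in itertools.count():
        block = n.to_bytes(BLOCK, "big")
        state = compress(IV, block)
        if state in seen:
            return seen[state], block
        seen[state] = block


def extended_digests(a: bytes, b: bytes, suffixes):
    """Hash a+s and b+s for each suffix s; every pair is expected to match."""
    return [(toy_hash(a + s), toy_hash(b + s)) for s in suffixes]


if __name__ == "__main__":
    a, b = find_block_collision()
    print("colliding blocks:", a.hex(), b.hex())
    # Constructed sample suffixes: any common tail preserves the collision.
    for da, db in extended_digests(a, b, [b"", b" pay 10", b" pay 10000" * 5]):
        print(da.hex(), db.hex(), da == db)
```

Because the colliding prefixes are whole blocks of equal length, everything hashed after them (suffix, padding, length field) is identical for both messages, which is why one known collision yields an unbounded family of them.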