[37654] in bugtraq
Re: MD5 To Be Considered Harmful Someday
daemon@ATHENA.MIT.EDU (Dan Kaminsky)
Wed Dec 8 18:44:53 2004
Message-ID: <41B7699A.5070507@doxpara.com>
Date: Wed, 08 Dec 2004 12:52:42 -0800
From: Dan Kaminsky <dan@doxpara.com>
MIME-Version: 1.0
To: Paul Wouters <paul@xtdnet.nl>
Cc: Gandalf The White <gandalf@digital.net>, davids@webmaster.com,
BugTraq <bugtraq@securityfocus.com>
In-Reply-To: <Pine.LNX.4.61.0412082146190.31218@expansionpack.xtdnet.nl>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Paul Wouters wrote:
> On Tue, 7 Dec 2004, Gandalf The White wrote:
>
>> What I am worried about is the integrity of MD5 hashed passwords. This
>
>
>> It does not matter that I don't know the correct password, I have a
>> password
>> that collides into the correct hash. I can log into the system with my
>> generated password.
>
>
> Can't we just truncate the password to 8 characters like in the old days
> before doing the MD5 hash? It will greatly reduce the chance of a
> collision.
> In fact, I am not even sure my systems don't do this already.
>
Actually, this greatly increases the chance of a collision. 123456789
will collide with 123456780.
It is unlikely we'll find any ASCII readable payload that collide
through Wang's search technique.
--Dan
