• LOG IN

sicherheitsschwankung.de - some things I do for free

  • blog
  • wiki
  • gallery
  • git
Home › Blogs › Jan Lübbe's blog

Code for MD4/5 collisions released

Jan Lübbe — Wed, 2005-11-16 17:13

The code needed to create two bitstreams with the same hash is public. It takes about 45 minutes to find a MD5 collision. This does not allow to create a bitstream which maps to a given hash, so md5 is still safe for signing cleartext. However you can make two different documents in PostScript/PDF which have the same hash (more details). Use SHA-256 or SHA-512 (not SHA-1). MD5 collisions could also be used as "watermarks" for mp3 files (players skip invalid data) to track their distribution on p2p networks.

  • Coding
  • News
  • Technology
  • Jan Lübbe's blog
  • Login to post comments

Recent blog posts

  • Debian and the Beagle Board
  • Going to DebConf '08
  • Debian on the Neo1973
  • The long wait is over!
  • Next Neo1973 revision may use the SMedia Glamo3362 GPU
  • Intel releases PowerTOP
  • OpenMoko on Chaosradio Express (in german)
  • Supertux on the Neo
  • The OpenMoko website is live
  • Neo1973 hardware delayed
more

Friends

  • datenfreihafen.org
  • discarded-ideas.org
  • gesamtentwicklung.de
  • totalueberwachung.de

Drupal Debian Hacker Last.fm
  • blog
  • wiki
  • gallery
  • git

Creative Commons License
All content on sicherheitsschwankung.de is licensed under a Creative Commons Attribution-Share Alike 3.0 License (except where otherwise stated).