19/08/2004
The world collides…
Crypto 2004 reports say that people have been able to produce collisions for hash algorithms!
Some chinese authors reported a family of collisions for hash functions. In the beggining their report had an error on md5 (and it was renamed as md5′ collision) but they corrected their report and extended the collision to the real md5 algorithm. In the same report they introduce a collision on the SHA-0 algorithm that a lot of people fear it can be extended to the industry standard SHA-1.
We know from their “architecture” that all hash functions can have collisions…the problem is that these people found the way to reproduce them in reasonable computing time.
Quoting someone else on a thread, this is what can easily happen now:
An example of what you might do with this. You could request an SSL certificate (for your real identity) from a certificate authority. After the response comes back, you can then use that response (which is based on the MD5 of your identity+key) to “authenticate” a carefully chosen different certificate, one which claims that you are LargeBankOrSoftwareCorp., but which has the same MD5 as your real identity. You can then present this to other people in order to convince them that you are someone whom you are not.
Read this to reproduce the collision yourself: http://www.tcs.hut.fi/~mjos/md5/
Read the comments on this thread:
http://www.freedom-to-tinker.com/archives/000661.html
Filed by kargig at 17:08 under General
No Comments | 4,472 views