Re: MD5 [was: [NSPipe pipe] returning nil (running out of filehandles?)]
- Subject: Re: MD5 [was: [NSPipe pipe] returning nil (running out of filehandles?)]
- From: Jens Alfke <email@hidden>
- Date: Wed, 2 Apr 2008 13:52:50 -0700
On 2 Apr '08, at 9:12 AM, John Stiles wrote:
> And AFAIK nobody is even remotely close to finding a technique which
> would let you write arbitrary data and then tack on a few bytes to
> get the signature you want,
From the Wikipedia article:
Because MD5 makes only one pass over the data, if two prefixes with
the same hash can be constructed, a common suffix can be added to both
to make the collision more reasonable.
Because the current collision-finding techniques allow the preceding
hash state to be specified arbitrarily, a collision can be found for
any desired prefix; that is, for any given string of characters X, two
colliding files can be determined which both begin with X.
All that is required to generate two colliding files is a template
file, with a 128-byte block of data aligned on a 64-byte boundary,
that can be changed freely by the collision-finding algorithm.
Recently, a number of projects have created MD5 "rainbow tables" which
are easily accessible online, and can be used to reverse many MD5
hashes into strings that collide with the original input, usually for
the purposes of password cracking. However, if passwords are combined
with a salt before the MD5 digest is generated, rainbow tables become
much less useful.
> and that's what I'd call "fully broken," at least that's what you'd
> need to find in order to make an exploit.
That depends on what the digest is being used for — different
cryptographic protocols rely on different features of the underlying
algorithms. In some circumstances simply finding any hash collision
could be enough to break security. (Schneier's "Advanced Cryptography"
has several examples where a seemingly irrelevant weakness in an
underlying algorithm led to an attack on a higher level protocol that
used it. I believe the sad case of WEP was one.)
—Jens
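
An added example, not part of the original message: the suffix property from the quoted Wikipedia passage, shown on a toy one-pass (Merkle-Damgård) hash whose state is only 16 bits, so a collision can be found by exhaustive search. `compress`, `absorb`, `toy_md`, `find_colliding_pair`, the 8-byte block size and the `TEMPLATE` prefix are assumptions made for illustration; MD5 itself uses 64-byte blocks and a 128-bit state.

```python
import hashlib
import struct

BLOCK = 8   # toy block size in bytes (MD5: 64)
STATE = 2   # toy chaining state in bytes (MD5: 16)
IV = b"\x00" * STATE


def compress(state: bytes, block: bytes) -> bytes:
    """Toy compression function (assumption): SHA-256 truncated to STATE bytes."""
    return hashlib.sha256(state + block).digest()[:STATE]


def absorb(state: bytes, data: bytes) -> bytes:
    """Feed whole blocks through the compression function, one pass, left to right."""
    for i in range(0, len(data), BLOCK):
        state = compress(state, data[i:i + BLOCK])
    return state


def toy_md(message: bytes) -> bytes:
    """One-pass hash with MD5-style padding: 0x80, zeros, then the bit length."""
    padded = message + b"\x80"
    padded += b"\x00" * (-(len(padded) + 4) % BLOCK)
    padded += struct.pack("<I", len(message) * 8)
    return absorb(IV, padded)


def find_colliding_pair(prefix: bytes):
    """Search for two different blocks that reach the same state after `prefix`."""
    if len(prefix) % BLOCK:
        raise ValueError("prefix must end on a block boundary")
    state, seen = absorb(IV, prefix), {}
    for counter in range(2 ** (8 * STATE) + 1):   # pigeonhole: a repeat must occur
        block = struct.pack("<Q", counter)
        out = compress(state, block)
        if out in seen:
            return prefix + seen[out], prefix + block
        seen[out] = block


if __name__ == "__main__":
    a, b = find_colliding_pair(b"TEMPLATE")       # constructed sample prefix
    for suffix in (b"", b"common trailer", b"x" * 100):
        print(toy_md(a + suffix).hex(), toy_md(b + suffix).hex())
```

Once the two messages reach the same chaining state at a block boundary, every later block and the length padding are processed identically, which is why a digest used to detect substitution needs a collision-resistant function rather than extra trailing data.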