MD5

"Message Digest 5" is an often used cryptographic check sum.

I has been found vulnerable: http://developers.slashdot.org/article.pl?sid=04/12/07/2019244 and is effectively dead since it has been possible to create two meaningful documents of entirely different content, which produce an identical md5 has value.

It's possible to actually exploit (german) that vulnerability:

http://www.win.tue.nl/~bdeweger/CollidingCertificates/

http://it.slashdot.org/article.pl?sid=05/11/15/2037232

collision soure code http://www.stachliu.com.nyud.net:8090/collisions.html made it possible to create arbitrary X.509 (SSL) certificates see Heise (german).

Vulnerability of software integrity and code signing applications to chosen-prefix collisions for MD5 'For abusing a chosen-prefix collision on a software integrity protection or a code signing scheme, the attacker should be able to manipulate the files before they are being hashed and/or signed. This may mean that the attacker needs insider access to the party operating the trusted software integrity protection or code signing process.' - Which is clearly not the case in Askemos implementations.

last modification:

Mon, 03 Dec 2007 10:27:21 +0100

authors:

jfw,

document identifier:

A849640f672ed0df0958abc0712110f3c

delivered to public at Sat, 31 Jul 2010 19:52:37 +0200

short comments