MD5 Collisions - Implications

A few weeks ago I wrote a short piece about MD5 hash collisions and how this could have implications on how we use MD5 in cryptography.  Well, a group of researchers Arjen Lenstra (Lucent Bell Labs and Technische Universiteit Eindhoven), Xiaoyun Wang (Shandong University, Jinan, China) and Benne de Weger (Technische Universiteit Eindhoven) have released a paper on how they produced a pair of valid X.509 certificates which are based on the MD5 hash-function and that have identical signatures.

Another interesting link -  They used a 1.6GHz Intel Pentium notebook PC to find MD5 collisions in about 8 hours!  Interested readers might find the links on this page interesting -

Once you have a crack in the dam wall and a trickle starts to flow, a full-blown breach is only a matter of time.

Adrian Kingsley-Hughes
Last updated: March 8th 2005
Print This Page   |   Email me when this page changes    |  Search This Site System Scanner does the work for you!"); ?>

Contact Us