March 5, 2004

MD5CRK: finding collisions in MD5

Matt McParland writes "The MD5CRK project seeks to prove empirally that MD5 is a hash algorithm that exhibits the not-so-cryptographically-sound property of collisions. This has already been proven theoretically, but nobody really paid attention, so this distributed computing project was created.

While many people think hash algorithms are just used to create entries in/etc/shadow, MD5 is used in many applications of cryptography -- from SSL to IDS software to digital dignatures. This is despite published weaknesses and better (and freely available) drop-in replacements (SHA-256 is an example).

More information is available at"



  • Security
Click Here!