- From: Oliver Hunt <oliver@apple.com>
- Date: Thu, 03 Sep 2015 11:52:20 -0700
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: WHATWG <whatwg@whatwg.org>, Philip Jägenstedt <philipj@opera.com>, Ian Hickson <ian@hixie.ch>, "henry.story@bblfish.net" <henry.story@bblfish.net>
> On Sep 3, 2015, at 11:33 AM, Melvin Carvalho <melvincarvalho@gmail.com> wrote: >> > > Im not an expert here, but my understanding from reading some wikipedia > articles was that a preimage attack on md5 was 2^123. For a pre-image attack that’s true (or thereabouts), the real problem is that you can compute content to ensure a collision with a target hash. Essentially you can take some content, make the changes you want, and then mutate some other part of the data that isn’t important until you generate a collision. This isn’t a theoretical attack, this was used to compromise/MiTM the windows update servers a few year ago (Flame attack i think?) Anyhoo I can’t recall the time involved, but i suspect by now you can probably compute a collision in a few hours. —Oliver
Received on Thursday, 3 September 2015 18:52:48 UTC