Re: [forward] Successful Cryptanalysis of MD5

James M Galvin <galvin@tis.com> Thu, 18 March 1993 17:33 UTC

Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa08882; 18 Mar 93 12:33 EST
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa08878; 18 Mar 93 12:33 EST
Received: from SLEEPY.TIS.COM by CNRI.Reston.VA.US id aa16463; 18 Mar 93 12:33 EST
Received: from sleepy.tis.com by sleepy.TIS.COM id aa01594; 18 Mar 93 17:09 GMT
Received: from tis.com by sleepy.TIS.COM id aa01592; 18 Mar 93 12:01 EST
Received: from TIS.COM by TIS.COM (4.1/SUN-5.64) id AA22446; Thu, 18 Mar 93 12:01:12 EST
Message-Id: <9303181701.AA22446@TIS.COM>
Reply-To: James M Galvin <galvin@tis.com>
To: Ran Atkinson <atkinson@tengwar.itd.nrl.navy.mil>
Cc: snmp-sec-dev@tis.com
Subject: Re: [forward] Successful Cryptanalysis of MD5
In-Reply-To: Ran Atkinson's message of Thu, 18 Mar 93 11:29:35 EST. <9303181630.AA20813@TIS.COM>
Date: Thu, 18 Mar 1993 12:01:09 -0500
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: James M Galvin <galvin@tis.com>

	I have no idea if this is true.  If true it might have some
	implications for SNMP Security.

I resisted posting this note when I first saw it, although I've seen
further information on this.  In particular, it has been pointed out by
others more knowledgeable than myself, that if you read Bruce's note
carefully you'll see that MD5 wasn't actually broken.  What they've done
is to work back part of the way through the hash function.

In any case, this development needs to be tracked closely.  We won't
really know anything until Eurocrypt in a couple of months, where the
detailed results will be published.

Jim

PS.  For the intensely curious, it has also been pointed that this
result identifies a potential vulnerability in SHA, also.