Slashdot | MD5 To Be Considered Harmful Someday
Well this sucks. Alot.
Remind me to use SHA1 in any future apps I develop....even though it is a hell of a lot slower.
This has so many implications: P2P file hashes, mirror verification, digitally signing e-mails or other stuff, Unix password hashes.
There are some uses of MD5 not affected, such as using MD5 to detect slight transmission errors (note: i said errors, not people intentionally changing transmissions). Most slight differences are still noticeable. The trouble is here with big differences, the scariest being the 2 apps that have the same MD5 hash.
0 Comments:
Post a Comment
<< Home