author Angelos D. Keromytis <angelos@cvs.openbsd.org> 1999-02-12 20:04:06 +0000
committer Angelos D. Keromytis <angelos@cvs.openbsd.org> 1999-02-12 20:04:06 +0000
commit e8cdeef9a74dad02c4be144e2625364e72715e94 (patch)
tree 77cc0e63822fac90152907af5c73701d602aa2ed
parent be54802ed97f3e6fd772c141057afd781efef889 (diff)
Mention that MD4 is pretty much broken, and MD5 may follow. A couple
more references to the attacks. From FreeBSD.
-rw-r--r-- lib/libc/md/mdX.3 26
1 files changed, 23 insertions, 3 deletions
diff --git a/lib/libc/md/mdX.3 b/lib/libc/md/mdX.3
index 71020135f12..9b83286b961 100644
--- a/lib/libc/md/mdX.3
+++ b/lib/libc/md/mdX.3
@@ -6,7 +6,7 @@
.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
.\" ----------------------------------------------------------------------------
.\"
-.\" $OpenBSD: mdX.3,v 1.9 1998/03/10 04:50:33 millert Exp $
+.\" $OpenBSD: mdX.3,v 1.10 1999/02/12 20:04:05 angelos Exp $
.\"
.Dd October 9, 1996
.Dt MDX 3
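Review bot: The `.Dd October 9, 1996` context line stays untouched although this commit rewrites the page's security guidance and the revision tag moves to 1.10. Consider updating the document date in the same change, so a reader of the formatted page can tell that the advice on MD4 and MD5 postdates 1996.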
@@ -43,8 +43,13 @@ input.
.Pp
MD2 is the slowest, MD4 is the fastest and MD5 is somewhere in the middle.
MD2 can only be used for Privacy-Enhanced Mail.
-MD4 has been criticized for being too weak, so MD5 was developed in
-response as ``MD4 with safety-belts''. When in doubt, use MD5.
+MD4 has been shown to have severe vulnerabilities; it should only be
+used where necessary for backward compatibility.
+MD5 has not yet (1999-02-11) been broken, but recent attacks have cast
+some doubt on its security properties. The attacks on both MD4 and MD5
+are both in the nature of finding ``collisions'' \- that is, multiple
+inputs which hash to the same value; it is still unlikely for an attacker
+to be able to determine the exact original input given a hash value.
.Pp
The
.Fn MDXInit ,
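Review bot: The replacement paragraph drops "When in doubt, use MD5" but puts no positive recommendation in its place, so a reader picking a digest for new code is told only what to avoid; add a sentence saying what to prefer when backward compatibility is not a constraint. The wording also needs tightening: "The attacks on both MD4 and MD5 are both in the nature of" doubles "both", the inline "(1999-02-11)" will go stale in a manual page and fits better in the commit log, and the sentence after "security properties." should start on its own line per mdoc convention. The closing clause about determining "the exact original input" would be clearer if it said directly that the known attacks are collision attacks and do not recover an input from a hash value.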
@@ -119,6 +124,21 @@ argument is non-null it must point to at least 33 characters of buffer space.
.Rs
.%A RSA Laboratories
.%T Frequently Asked Questions About today's Cryptography
+.%O \&<http://www.rsa.com/rsalabs/faq/>
+.Re
+.Rs
+.%A H. Dobbertin
+.%T Alf Swindles Ann
+.%J CryptoBytes
+.%N 1(3):5
+.%D 1995
+.Re
+.Rs
+.%A MJ. B. Robshaw
+.%T On Recent Results for MD2, MD4 and MD5
+.%J RSA Laboratories Bulletin
+.%N 4
+.%D November 12, 1996
.Re
.Rs
.%A Hans Dobbertin
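Review bot: In the added Robshaw entry, `.%A MJ. B. Robshaw` looks like a misplaced period in the initials (probably "M. J. B. Robshaw"); please check it against the bulletin itself. The Dobbertin entry packs volume, issue and page into `.%N 1(3):5`, which would read better split across `.%V`, `.%N` and `.%P`, and it gives the author as "H. Dobbertin" while the following entry uses "Hans Dobbertin"; pick one form for both.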