In theory there are no new security implications, since you shouldn't be using M... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rmc on Jan 29, 2012 \| parent \| context \| favorite \| on: Single-block collision for MD5 In theory there are no new security implications, since you shouldn't be using MD5 for secure stuff anyway. The writing has been on the wall for MD5 for a while. This is just another interesting nail in the coffin. It's getting easier and easier to do thing with MD5 that you shouldn't be able to do.

muyuu on Jan 29, 2012 [–]

It's still not trivial at all to introduce a payload and make it so the whole package matches a MD5 hash. Haven't seen a PoC ever do this.

Would recommend to go SHA anyway.

nitrogen on Jan 30, 2012 | [–]

Several proofs of concept have been listed elsewhere in the thread.

muyuu on Jan 30, 2012 | | [–]

Thanks, they weren't there when I posted. Will look into that.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact