Mind your hashes

Are MD5 hashes broken? Well, sort of. Not quite broken enough to make them inadmissible in court (as of end of 2008) but broken enough that with the right tools (and time), one can generate two different sets of input files that have the same MD5 hash value.

DidierStevens has lots more details and a proof of concept on his blog. Didier was able to create an evil file that contains the same MD5 hash as a known good file and thus would pass Authenticode verification.

Here is a site where you can find code to create your own MD5 hash collision.

No comments: