SHA-0,MD5 Broken,Some times SHA-1 Also :(

[Asanka Priyanjitih <AP...@virtusa.com>]

Hi All

 

 

SHA-0, MD5 hashing algorithms have some collations (
http://slashdot.org/article.pl?sid=04/08/17/0030243 and 
http://www.rtfm.com/movabletype/archives/2004_08.html#001054 ). There's
a rumor circulating at the Crypto conference, which is being held this
week in Santa Barbara, that somebody is about to announce a partial
break of the SHA-1 cryptographic hash function. If it is true it is very
risk for us. Because we are using SHA -1 for message digesting and also
we are dealing with big XML message. So this is a good time to listen to
this issue.

 

http://www.freedom-to-tinker.com/ This link has more information:-).

 

 

Regards,

G J Asanka Priyanjith

 

 

 

EX:

 

 

C:\OpenSSL\bin>openssl sha File.bin File1.bin

SHA(File.bin)= c9f160777d4086fe8095fba58b7e20c228a4006b

SHA(File1.bin)= c9f160777d4086fe8095fba58b7e20c228a4006b

 

C:\OpenSSL\bin>openssl md5 md5file.binmd5file1.bin

md5file.binmd5file1.bin: No such file or directory

 

C:\OpenSSL\bin>openssl md5 md5file.bin md5file1.bin

MD5(md5file.bin)= a4c0d35c95a63a805915367dcfe6b751

MD5(md5file1.bin)= a4c0d35c95a63a805915367dcfe6b751

 

C:\OpenSSL\bin>



--------------------------------------------------------------------------------------------------
This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only.  Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.