Tamas Rudnai wrote: >Actually attackers are using MD5 weaknesses to modify and sign files >and >messages. Do not get me wrong, it is certainly much better than nothing >or >just a parity or CRC32 algorithm and definitely a good enough solution >to >check if the transmission or recovery of a file was successful. >However, >people are shifting from MD5 to SHA1 or even SHA256 for good reason. >MD5 >can be generated on FPGAs or even on Graphics cards surprisingly fast, >and >that's what it makes it vulnerable to attack. I searched for information about preimage attacks on MD5, and all I could f= ind was a 2009 theoretical paper with complexity 2^123, higher than practic= al AFAIK. I wasn't able to find anything about someone actually carrying ou= t a serious MD5 preimage attack. Did you have an example in mind? I'm curio= us to read more now. --=20 Christopher Head Sent from my phone; if you need a digital signature, ask for a resend. --=20 http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist .