
On Aug 31, 2025, at 11:16, nanog--- via NANOG <nanog@lists.nanog.org> wrote:
There is currently no known way to generate a private key that would match your private key hash, faster than brute force, and MD5 still provides adequate protection against brute-force attacks.
While nobody should be designing new protocols using MD5 just because there is no reason to use a hash algorithm that has *any* known weaknesses, its known weaknesses are not relevant to this application.
A method is known to generate two pieces of data with the same MD5 hash. This isn't the same thing as saying that a method is known to generate a piece of data with any given MD5 hash, or the same MD5 hash as another piece of data.
And that’s why this isn’t a CVE with a CVSS score. It’s just an indication of someone cutting corners in a way I’ve never seen before, that makes me wonder what other choices were made. I say that much.

-Dan