Now that the firestorm over implementing Md5 has quieted down a bit, is anybody aware of whether the exploit has been used? Feel free to reply off list. Thanks, Keith Wallace Director, Telecommunications PC Connection Services
On May 3, 2004, at 6:26 PM, kwallace@pcconnection.com wrote:
Now that the firestorm over implementing Md5 has quieted down a bit, is anybody aware of whether the exploit has been used? Feel free to reply off list.
I would also be interested in what %-age of peers are MD5-ized? And if anyone has had any operational issues with the MD5 process - issues contacting peers, software incompatibility, varying key synchronization processes, additional CPU, re-writing internal tools, monitoring MD5-ness, etc.? Happy to collect the data off-list and reply with the summarized / anonymized stats. -- TTFN, patrick
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Now that the firestorm over implementing Md5 has quieted down a bit, is anybody aware of whether the exploit has been used? Feel free to reply off list.
Even more interesting, did anyone manage to reproduce it? - - kurtis - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQJdXIKarNKXTPFCVEQJKTwCgmyDLv/H3Ho/iaor6RBAx3Mqy3dMAoPiF rVKmj6c4p/dHGu4I1AFvBH01 =dnJN -----END PGP SIGNATURE-----
In message <C4E8C22A-9DA6-11D8-B28B-000A95928574@kurtis.pp.se>, Kurt Erik Lindq vist writes:
Now that the firestorm over implementing Md5 has quieted down a bit, is anybody aware of whether the exploit has been used? Feel free to reply off list.
Even more interesting, did anyone manage to reproduce it?
I don't know if it's being used; I know that reimplementations of the idea are out there. --Steve Bellovin, http://www.research.att.com/~smb
participants (4)
-
Kurt Erik Lindqvist
-
kwallace@pcconnection.com
-
Patrick W.Gilmore
-
Steven M. Bellovin