Re: Insecure Hash Algorithms (MD5) and NTLMv2

From: Daniel Miessler (daniel@dmiessler.com)
Date: Thu Nov 03 2005 - 23:44:39 EST

• Next message: Aman Raheja: "Spi's products worth a try? Or any suggestions for developers' tool?"
• Previous message: Thor (Hammer of God): "Re: Insecure Hash Algorithms (MD5) and NTLMv2"
• In reply to: Steve Friedl: "Re: Insecure Hash Algorithms (MD5) and NTLMv2"
• Next in thread: Ben Nagy: "RE: Insecure Hash Algorithms (MD5) and NTLMv2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Nov 2, 2005, at 1:54 AM, Steve Friedl wrote:

> The only weakness that's really in the air is Collision Resistance,
> where we can produce two inputs with the same hash. This is of only
> minor concern in a practical sense, though it certainly does mean that
> blood is in the water and sharks are circling.

Exactly my point. To put it another way, the ability to create
collisions has no bearing on the ability of an attacker to find
unknown inputs to known hashes. Or, in the technical terms that you
highlighted, attacks against collision resistance don't necessarily
lead to attacks on preimage resistance.

Hence, for the purposes of breaking hashes to discover passwords,
NTLMv2 is not significantly affected by the recently discovered
weaknesses in the MD5 hashing algorithm.

-- 
Daniel R. Miessler
M: daniel@dmiessler.com
W: http://dmiessler.com
G: 0x316BC712

• application/pgp-signature attachment: This is a digitally signed message part

• Next message: Aman Raheja: "Spi's products worth a try? Or any suggestions for developers' tool?"
• Previous message: Thor (Hammer of God): "Re: Insecure Hash Algorithms (MD5) and NTLMv2"
• In reply to: Steve Friedl: "Re: Insecure Hash Algorithms (MD5) and NTLMv2"
• Next in thread: Ben Nagy: "RE: Insecure Hash Algorithms (MD5) and NTLMv2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:07 EDT