From 1016f72b934bf9ef2cc190a09ce82c157ce46d96 Mon Sep 17 00:00:00 2001 From: des Date: Sun, 12 Mar 2017 13:14:49 +0000 Subject: MFH (r314528): update to reflect the state of SHA-1 --- sbin/md5/md5.1 | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) (limited to 'sbin/md5') diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1 index 6fa0393..b3fd5ea 100644 --- a/sbin/md5/md5.1 +++ b/sbin/md5/md5.1 @@ -67,21 +67,17 @@ in a secure manner before being encrypted with a private key under a public-key cryptosystem such as .Tn RSA . .Pp +The .Tn MD5 -has been completely broken as far as finding collisions is -concerned, and should not be relied upon to produce unique outputs. -This also means that -.Tn MD5 -should not be used as part of a cryptographic signature scheme. -At the current time (2014-05-17) there is no publicly known method to -.Dq reverse -MD5, i.e., to find an input given a hash value. -.Pp -.Tn SHA-1 -currently (2014-05-17) has no known collisions, but an attack has been -found which is faster than a brute-force search, placing the security of +and .Tn SHA-1 -in doubt. +algorithms have been proven to be vulnerable to practical collision +attacks and should not be relied upon to produce unique outputs, nor +should they be used as part of a cryptographic signature scheme. +As of 2016-03-02, there is no publicly known method to +.Em reverse +either algorithm, i.e. to find an input that produces a specific +output. .Pp .Tn SHA-512t256 is a version of @@ -94,6 +90,8 @@ The hashes are not interchangeable. .Pp It is recommended that all new applications use .Tn SHA-512 +or +.Tn SKEIN-512 instead of one of the other hash functions. .Pp The following options may be used in any combination and must -- cgit v1.1