It gets worse...

Jeremy Allison jra at samba.org
Fri Aug 20 17:30:55 GMT 2004


I don't know if anyone here follows sci.crypt, but it looks
like a generic method of finding MD4 collisions has been
discovered. No published details yet.

Summary here :

http://jis.mit.edu/pipermail/saag/2004q3/000913.html

"* Weng, Fang, Lai, and Yu have what appears to be a general method for
  finding collisions in MD4, MD5, HAVAL-128, and RIPEMD. They
  haven't published any details."

This could be very bad for NTLM auth.....

Jeremy.


More information about the samba-technical mailing list