It gets worse...

Jeremy Allison jra at
Fri Aug 20 17:30:55 GMT 2004

I don't know if anyone here follows sci.crypt, but it looks
like a generic method of finding MD4 collisions has been
discovered. No published details yet.

Summary here :

"* Weng, Fang, Lai, and Yu have what appears to be a general method for
  finding collisions in MD4, MD5, HAVAL-128, and RIPEMD. They
  haven't published any details."

This could be very bad for NTLM auth.....


More information about the samba-technical mailing list