It gets worse...
Jeremy Allison
jra at samba.org
Fri Aug 20 17:30:55 GMT 2004
I don't know if anyone here follows sci.crypt, but it looks
like a generic method of finding MD4 collisions has been
discovered. No published details yet.
Summary here :
http://jis.mit.edu/pipermail/saag/2004q3/000913.html
"* Weng, Fang, Lai, and Yu have what appears to be a general method for
finding collisions in MD4, MD5, HAVAL-128, and RIPEMD. They
haven't published any details."
This could be very bad for NTLM auth.....
Jeremy.
More information about the samba-technical
mailing list