Question about the security risk of MD5

From what I've read, it looks like there's alot of security issues with MD5 and SHA is becoming the more popular hash option in the Cisco world.

Isn't the algorithm still impossible to reverse engineer? I know there are d-bases that store hash values of common passwords, but the algorithm still hasn't been cracked, right?

Or has it?

Some research has shown that MD5 is not collision resistant. Collision means that two files (or data messages) can have the same MD5 hash value. Researchers has shown a way to append carefully crafted bytes to two distinct files, in order to make them produce the same MD5 hash value. Check here:

www.win.tue.nl/hashclash/SoftIntCodeSign/

Furthermore, MD5 uses a 128bit hash value, while SHA1 uses 160bit hash value, probably making it more collision resistant. Still, vulnerabilities in SHA1 has been also reported. SHA2 however, has been designed to be much more robust, it comes in variants of 224bit, 256bit, 384bit and 512bit hash value lengths.

Thats as far as I just knew

So it seems that the more prone an algorithm is to collision, the less secure it is.

How would an attacker take advantage of this vulnerability? Hash spoofing if there is such a thing?

I know there is research being done at NIST and other agencies, but they do testing with non-practical machines that aren't available to the public.

How would an attacker take advantage of this vulnerability? Hash spoofing if there is such a thing?

One of the applications of hashing is password storage. Many systems need to store passwords in a database or files in such a way that they are almost impossible to decrypt. This is one way of preventing even the administrators from knowing your password. When you login, the system simply applies the hash function to the password you entered and compares the results to the hash value stored in database or file(s), if it matches, you are allowed to login. Hashing is a one way function. It's almost impossible to retrieve the original password.

Now the issue is here, hashing is also a many-to-one function. In other words, many passwords can map to the same hash value. Thats what is called "collision". Collision is a property of all hashing functions. This is NOT the problem. The problem is HOW EASY it is to produce a collision in a hashing function. In theory, the more bits the hash value has the more difficult it is to find a collision, BUT the more computation time you need to calculate the hash value.

Now if producing the collision is relatively easy, this means that if a hacker obtained the hash value of your password, he could find another password that produces the same hash value, and therefore be able to login as you, without knowing your password!!

This is just an example of the trouble. Many other scenarios are possible.

Ah OK, that makes sense. Thanks S0lo.

It is not easy to produce a similar digest from different messages that is why this
form of hacking is not making headlines because I have been
following the FBI site for ICCC reports for some time now.

in the interest of analytic clarity encryption is the act of masking information. we have symmetric and assymetric
encryption. Assymetric encryption is directly linked to what nevins is talking about where two communicating devices
use a private and a public key for encryption and decryption.a real life application of encryption is digital
signature for authenticating the source of data.lets say we have two computers( comp1 and comp2) trying to
communicate each having a private and a public key.what happens is that our message from comp1 goes into a
hashing funtion to produce a digest, then the private key of comp1 will be aplied on the digest to produce
an encrypted digest which will be transported to comp2.comp2 will use the public key of comp1 to decrypt the encrypted
digest . comp2 will make a comparison of running it s original message in a hashing function to come out with a
digest which should match this digest to prove that the source is authentic.

here is the problem

hash functions rely on the fact that you cant bring two different messages to arrive at thesame digest if that
happens then we have a collission. collision is always part of the game, nobody ever said we wont have a collision
so all we need is a good hashing function that has a very low collission.the criminal hacker tries to run
a message that will give thesame value with the digest in question so that with little permutation he could arrive
at the original message.

I will advice us to revisit the birthday parodox where mathematician worked the number of people that when
placed in thesame room will make two of the people have thesame birthday, and you know what, they arrived at the
figure 23 people- very interesting.