welcome to “collision is not pre-image” day

If you start your day with Slashdot (the informational equivalent of a Snickers-and-Skittles breakfast, IMO, but that’s for another day) or know someone who does, you’re probably aware that “something bad happened to MD5 today”. If you’re not, odds are good you don’t need to really care about it very much, so you can move to the next post in your feed reader.

There are a number of places you can go for a good explanation of what the significance of the MD5 attacks is, which should be a prerequisite for commenting on the effects of making those attacks faster (that’s today’s news; source for a long-known attack made public). It is not, however, so the internets are all atwitter about attacks on MD5-hashed passwords (still fine), software verification (still largely fine, other than bait-and-switching for some edge cases), certificate authorities (could be some really nasty baits-and-switches here), and P2P network poisoning (right in the jimmy).

If you are the sort of person who actually reads to understand before writing to inform, you should probably block off 30 minutes or so for explaining to the breathless around you what actually happened today, and what the attacks really represent in practical terms. (In theoretical terms, they are indeed a mortal blow, but there has been no shortage of such blows for MD5 and SHA-1 for a while now. Anyone building new crypto-using systems, or maintaining existing ones, has been moving to other hash functions for a while, or should have been.)
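
To make the distinction in the title concrete, here is an added example (not from the original post) that truncates MD5 to 16 bits so both searches finish in moments; the message prefixes and the sample password are constructed for the demo. Finding a collision, where the searcher picks both inputs, takes on the order of 2^8 tries, while matching a digest someone else chose, which is what reversing a stored password hash requires, takes on the order of 2^16.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size, chosen so the demo runs quickly (assumption)


def toy_hash(data: bytes, bits: int = BITS) -> int:
    """Top `bits` bits of MD5 as an integer: a deliberately tiny digest."""
    full = int.from_bytes(hashlib.md5(data).digest(), "big")
    return full >> (128 - bits)


def find_collision(bits: int = BITS):
    """Collision: ANY two distinct messages with equal digests will do.

    Storing every digest seen gives the birthday bound, ~2^(bits/2) tries.
    """
    seen = {}
    for i in count():
        msg = b"collide-%d" % i          # constructed, distinct per i
        digest = toy_hash(msg, bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg


def find_preimage(target: int, bits: int = BITS):
    """Pre-image: the digest is fixed by someone else, so each guess
    succeeds with probability 2^-bits, ~2^bits tries on average."""
    for i in count():
        msg = b"guess-%d" % i            # constructed guesses
        if toy_hash(msg, bits) == target:
            return msg, i + 1


if __name__ == "__main__":
    a, b, c_tries = find_collision()
    print(f"collision after {c_tries} tries: {a!r} / {b!r}")

    stored = toy_hash(b"constructed-password")   # stands in for a stored hash
    m, p_tries = find_preimage(stored)
    print(f"pre-image after {p_tries} tries: {m!r}")
```

At MD5's real 128-bit width the same gap is 2^64 generic collision work against 2^128 pre-image work, and the published MD5 attacks shorten only the collision side.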