From c74cccf0f8a60be5a4f3c3a1743c6d1795d82198 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Thu, 2 Mar 2017 00:27:21 +0000 Subject: [PATCH] Update to reflect that SHA-1 has now been broken. Submitted by: ak MFC after: 1 week --- sbin/md5/md5.1 | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/sbin/md5/md5.1 b/sbin/md5/md5.1 index f877c1e1ace1..acc2cdc2680e 100644 --- a/sbin/md5/md5.1 +++ b/sbin/md5/md5.1 @@ -1,5 +1,5 @@ .\" $FreeBSD$ -.Dd January 7, 2017 +.Dd March 2, 2017 .Dt MD5 1 .Os .Sh NAME @@ -84,21 +84,17 @@ in a secure manner before being encrypted with a private key under a public-key cryptosystem such as .Tn RSA . .Pp +The .Tn MD5 -has been completely broken as far as finding collisions is -concerned, and should not be relied upon to produce unique outputs. -This also means that -.Tn MD5 -should not be used as part of a cryptographic signature scheme. -At the current time (2014-05-17) there is no publicly known method to -.Dq reverse -MD5, i.e., to find an input given a hash value. -.Pp +and .Tn SHA-1 -currently (2014-05-17) has no known collisions, but an attack has been -found which is faster than a brute-force search, placing the security of -.Tn SHA-1 -in doubt. +algorithms have been proven to be vulnerable to practical collision +attacks and should not be relied upon to produce unique outputs, nor +should they be used as part of a cryptographic signature scheme. +As of 2016-03-02, there is no publicly known method to +.Em reverse +either algorithm, i.e. to find an input that produces a specific +output. .Pp .Tn SHA-512t256 is a version of @@ -111,6 +107,8 @@ The hashes are not interchangeable. .Pp It is recommended that all new applications use .Tn SHA-512 +or +.Tn SKEIN-512 instead of one of the other hash functions. .Pp The following options may be used in any combination and must
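Review bot: The date in the new sentence "As of 2016-03-02, there is no publicly known method to", in the hunk at @@ -84,21 +84,17 @@, does not match the rest of the patch. The .Dd line is bumped to "March 2, 2017" and the commit itself is dated 2 Mar 2017, so this looks like a typo for 2017-03-02. As written, the no-known-preimage statement reads as a year older than the page's own date. Please correct the year. A smaller style point in the same sentence: the removed text wrote "i.e.," with a comma and the new text writes "i.e." without one, so pick one form for the page.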
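Review bot: The recommendation in the hunk at @@ -111,6 +107,8 @@ now reads "SHA-512 or SKEIN-512 instead of one of the other hash functions", which names two algorithms without giving the reader any basis for choosing between them. It also leaves "the other hash functions" undefined, even though the paragraph rewritten above singles out MD5 and SHA-1 explicitly. Suggest adding a clause saying when SKEIN-512 is the better choice, and stating which algorithms are discouraged for new applications. It is also unclear whether SHA-512t256, introduced just before this hunk with the note "The hashes are not interchangeable", counts among the "other" functions to avoid. One sentence settling that would remove the ambiguity.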