And as far as I can tell, gnutls doesn't use MD4 anymore. Marking as Fix released also for gnutls26.
** Changed in: gnutls26 (Ubuntu)
       Status: Confirmed => Fix Released

--
https://bugs.launchpad.net/bugs/429907

Title:
  md4 should be deprecated

Status in gnutls26 package in Ubuntu:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released

Bug description:
  openssl s_client and konqueror seem to accept md4 signatures.

  IMO md4 is weak - there is a preimage attack [1] of 2 rounds 7 steps in
  8 hours (the full md4 is 3 rounds == 48 steps == 2 rounds 16 steps).

  Having in mind the 8 hours attack is by m$, I am inclined to believe an
  attack by a skilful attacker will take seconds.

  Note that it is irrelevant if any CA issues new md4 certs - it is
  enough to have an old valid md4 signature.

  [1] http://sat07.ecs.soton.ac.uk/slides/kumarasubramanian-sat07-talk.pdf
  Inversion Attacks on Secure Hash Functions using Sat Solvers