The MD5 hash algorithm, invented by Ron Rivest, has historically been a key part of digital signatures. It has been considered weak for use in modern digital signature and cryptographic applications but has continued to see use in many systems. However, the long known weaknesses in MD5 are finally exploited in a demonstrable (and disastrous) way.
Many electronic signature solutions use the ubiquitous MD5 hash algorithm to insure the integrity of digital documents. While methods for creating “collisions” for data signed with the MD5 hash have been known for a while, it is highly unlikely that such a collision would actually be a readable document. So the use of MD5 as an internal document checksum for document integrity is probably not a big problem.
The problem is that researchers created a collision that produces a bogus digital signature. This is foundational for SSL on e-commerce sites, and may also be used in electronic signatures that use SSL digital signature algorithms and certificates as part of an authenticating signature. This can be a big problem for electronic signatures.
Fortunately Verisign and many other certificate authorities had already begun the transition to SHA-1 as the signing algorithm of choice. Now everyone can make sure that they update their SSL certificates for their digital signing solutions to certificates that are signed with the more modern SHA-1 algorithm and the makers of electronic signing/verifying applications should not honor MD5-based digital signatures on certificates associated with newly signed documents.
Subscribe to Esignature Post feed
This is a bit funny only because SHA-1 is an old algorithm, too, and itself is being found to be lacking. There’s a new competition (like how AES was selected in the US) for a replacement hashing algorithm, with some just hoping for SHA-256 or the like as it’s familiar.
But moving from MD5 to SHA-1 in 2009 is certainly not indicative of technical progress or sophistication.