Re^8: On showing the weakness in the MD5 digest function and getting bitten by scalar context
by BrowserUk (Pope) on Aug 28, 2004 at 08:34 UTC
From the RFC (which you appear to be (mis)quoting) -- my highlighting:
This document describes the MD5 message-digest algorithm. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input.
Cryptographic hashes are supposed to prevent someone from doing either one.
Nowhere in that do I see MD5 described as a "cryptographic hash"? Any application that uses a "digital signature" as a "cryptographic hash" based upon "conjectured...computational infeasibility" is a misapplication of the algorithm.
If the application needs a "cryptographic hash", it should be using one.
There are more uses of MD5 than are dreamt of in your philosophy, Horatio.
Ah yes, my dear