Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7054327

security tools: MD5 is no longer acceptable in digital signature

    Details

      Description

      On December 24, 2010, Tao Xie and Dengguo Feng announced the first
      published single-block MD5 collision (two 64-byte messages with the same
      MD5 hash) [1]. And in March 2011, an informational RFC (RFC 6151 [2])
      was approved to update the security considerations for the MD5
      Message-Digest and the HMAC-MD5 Algorithms.

      The RFC (RFC 6151) states, "MD5 is no longer acceptable where collision
      resistance is required such as digital signatures. It is not urgent to
      stop using MD5 in other ways, such as HMAC-MD5; however, since MD5 must
      not be used for digital signatures, new protocol designs should not
      employ HMAC-MD5."

      We should probably add a warning to jarsigner if someone tries to sign a jar with anything less secure than SHA-1, and a warning to keytool if someone want to import a certificate into trusted keystore.

      [1]: http://eprint.iacr.org/2010/643.pdf
      [2]: http://www.ietf.org/rfc/rfc6151.txt

        Attachments

          Activity

            People

            • Assignee:
              weijun Weijun Wang
              Reporter:
              xuelei Xue-Lei Fan
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Imported:
                Indexed: