Bug #5071 MD5 collision
Submitted: 17 Aug 2004 7:57 Modified: 17 Aug 2004 10:02
Reporter: Andre Karpistsenko Email Updates:
Status: Won't fix Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:Any OS:
Assigned to: CPU Architecture:Any

[17 Aug 2004 7:57] Andre Karpistsenko
Description:
http://www.mail-archive.com/cryptography@metzdowd.com/msg02579.html
http://eprint.iacr.org/2004/199/

How to repeat:
-

Suggested fix:
Remove MD5 hashing from MySQL :)
[17 Aug 2004 10:02] Sergei Golubchik
Thanks for the very interesting link!

Buit frankly speaking I don't think it's a good reason to remove MD5() - MySQL has a number of far less secure functions (ENCODE and OLD_PASSWORD for example). And MD5() is still "good enough" for many of users. :)