Hi! Am 08.06.2012 11:55, schrieb Hendrik v. Raven: > Also a better hashing algorithm than MD5 would be a good idea. MD5 is > completely insecure for cryptographic reasons. Modern hashing > algorithms like SHA2 with a length of 256+ should be used for modern > software.
I agree with your conclusion, since there is really no reason *not* to use one of the SHA2 functions for hashing nowadays. However, to the best of my knowledge, the current cryptanalytic results against MD5 do not allow practical attacks against its usage in password-hashing schemes (particularly once a salt is used to eliminate rainbow tables). The ability to create collisions isn't particularly useful to break a hashed password, you would need a preimage attack to do that. Also, the current collision-attack needs at least two data blocks (i.e., 128 bytes) to work, which further reduces its applicability to passwords. cu, Sven _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
