On Wed, 2005-11-16 at 10:29 -0500, Tom Lane wrote:
> Wim Bertels <[EMAIL PROTECTED]> writes:
> > the sourcecode of a md5 collision generator has been released,
> > it takes about 45 minutes to generate.
> > ..so to an "eve" with this knowledge md5 is almost the same as plain text..
>
> Really?
>
> The fact that you can construct pairs of strings with matching md5
> hashes does not mean that you can find a string with the same md5 hash
> as a given string.
>
> The existence of this algorithm is disturbing, since it implies that MD5
> is weaker than people thought, but it IS NOT a useful password cracker,
> and there's no reason for immediate panic.
agreed, the given "picture" was too simple
>
> regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
