On 12 August 2010 09:48, Adam Richardson <simples...@gmail.com> wrote:
> On Wed, Aug 11, 2010 at 6:50 PM, tedd <t...@sperling.com> wrote:


>   1. MD5 - Use of this old algorithm to produce your keys limits your key
>   space due to collisions AND the fact that 3DES accepts keys longer than the
>   128 bit output MD5 produces.  Additionally, only 64 bits of the MD5 digest
>   are utilized in the 3DES initialization vector.

Good point about the key based on md5. Whether or not the key would be
too short depends upon how md5() was used though - if the default was
used, the key would be long enough (32 char string) but even weaker -
keyspace of 16^24 vs. 128^16.


WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to