2010/8/24 Bob McConnell <r...@cbord.com>:
> From: Peter Lind
>> On 24 August 2010 15:43, Gary <php-gene...@garydjones.name> wrote:
>>> Jan G.B. wrote:
>>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>>> That means, that different strings can have the same MD5-hash...
>>> http://en.wikipedia.org/wiki/MD5#cite_note-1
>> It's worth noting that that essentially does not touch upon whether or
>> not MD5 can be considered safe or not as a means to store password
>> information. The researchers have discovered ways of crafting inputs
>> to easily find colliding hashes - they have not discovered any easy
>> means to craft an input that will collide with a given hash.
> That's a simple matter of brute force, which can be done once and saved
> for instant use later. However, putting a salt into your algorithm
> pretty much eliminates the chances of success using that attack.
> Bob McConnell
actually it's quite annoying when you post an answer which
tries to explain a subject and people just post a link as
response to one citation which somehow lacks relevance on the topic.

My intro-sentence was "I'm not a crypto expert".

Gary, do you expect me to read the full detail report of Tao Xie and
Dengguo Feng?
Can you sum it up in two or three sentences?


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to