If I could find the link I would send it, but I read about 6 months
back on RSA Data Security's website that a study was being done by
mathemetician's and at the time they were theorizing that they highly
doubted any overlap in keysums but if such did exist they believed that
the key you would have to MD5 to get the same sum would have to be
several "chapters" worth of characters. Point of the story is, it's
highly, highly, highly unlikely.

Adam Voigt

On Wed, 2002-08-14 at 02:36, Robert Parker wrote:
> On Tuesday 13 August 2002 12:20 pm, you wrote:
> > Makes sense, except if you use upper and lowercase characters,
> > numbers, and symbols (as you should for secure passwords). I
> > would think that with these kind of passwords, storing the sheer
> > number of posibilites would get slightly large. And I mean even
> > if it is easy to break, it's more secure then storing them clear
> > text.
> >
> > Adam Voigt
> Thing that really scares me about MD5 being used anywhere that's easily
> accessible is what happens if 'pussycat' maps on to the same hash as 
> 'H&3ph!3s09Zw'. The crackers don't need the original password just something 
> that generates the same hash.
> Bob Parker

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to