2008/6/12 Ben Caplan <[EMAIL PROTECTED]>: > Ah. > > Is MD5 really that easy to brute-force? hmm... > > How about if each ballot also includes a proof-of-work? This should > make searching for collisions harder. > > That is, instead of random noise as your salt, include the MD5 hash > of a string beginning with (say) your name and the proposal number, > and the salthash would have to begin with N zeroes. >
OR
we should use an SHA-2 hash like SHA-{128,256,512}.
ehird
