I was told that MD5 has a weak key and that Secure Hash Algorithm (SHA-1) is stronger.
-----Original Message----- From: Howie Hamlin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 19, 2002 12:53 PM To: CF-Talk Subject: Re: only one MD5 hash? You can't recover the text from an MD5 hash. The idea of the hash is that the hash is created based on a known key (a password, for example) and that you can duplicate the results of the hash if you know the original text and the key. MD5 is commonly used in SMTP authentication where the user know his password and the server knows the password. The server presents a challenge string (the string changes each time) that the client uses to produce an MD5 string (using the password as the key). The client then sends the MD5 result to the server and the server compares it to its own result. Thus, you verify the password without actually transmitting it. Regards, Howie ----- Original Message ----- From: "Cameron Childress" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, February 19, 2002 11:36 AM Subject: RE: only one MD5 hash? > Brute forcing this 100,000 character string would take a very very very long > time. <snip? > -Cameron ______________________________________________________________________ Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusiona FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
