On 6/5/07, Marko Kreen <[EMAIL PROTECTED]> wrote:
both md5 and sha1 are actually easier to bruteforce than
the old DES-based crypt.
If this statement seems weird - the problem is the speed.
MD5 and SHA1 are just faster algorithms than des-crypt.
And there's nothing wrong with fast general-purpose algorithms,
as long their cryptographic properties hold. Starting from
20-30 bytes the bruteforce is really not an option.
But if you have under 10 bytes (let be honest - you have
6 bytes...) the speed start to matter, because it is possible
on random laptop to simply try all combinations.
--
marko
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
