Florian Weimer <[EMAIL PROTECTED]> writes:
> * David Fetter:
>> Is there any country with laws so benighted that they restrict secure
>> hashing algorithms? Right now, there's a contest between SHA1 and
>> MD5 as to which one gets broken first, and SHA1 appears to be in the
>> lead. SHAn for n>1 could preempt the awfulness of losing this race.
> MD5 is broken in the sense that you can create two or more meaningful
> documents with the same hash.

Note that this isn't actually very interesting for the purpose for which the md5() function was put into core: namely, hashing passwords before they are stored in pg_authid. pg_authid is already secured against viewing by non-superusers, and a superuser can crack into your database account anyway, nyet? So the only reason we bother with hashing here is to keep a superuser from finding out your cleartext password, which might possibly let him crack into non-database services that you foolishly used the same password for. Therefore, it doesn't really matter if he can find another password with the same hash --- that's not guarding against anything interesting.

Of course, if you want to store other sorts of protected stuff in the database, you might not want md5, but at that point you're a candidate to use contrib/pgcrypto.

regards, tom lane