Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-18 Thread Ants Aasma
Roman Ivanov wrote: Ilia Alshanetsky wrote: You cannot give it an md5 and have it generate you a string with the same md5 hash, so md5 is still relatively safe. http://www.google.com/search?q=md5+hash+lookupstart=0start=0ie=utf-8oe=utf-8client=firefox-arls=org.mozilla:en-US:official I'd

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-17 Thread Sebastian Nohn
Jacques Marneweck wrote: Are there any chances of getting this implemented in the next releases of PHP 5.0.X and 4.4.X? I don't think there will be any further 5.0.x release. Sebastian -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit:

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-17 Thread Roman Ivanov
Ilia Alshanetsky wrote: You cannot give it an md5 and have it generate you a string with the same md5 hash, so md5 is still relatively safe. http://www.google.com/search?q=md5+hash+lookupstart=0start=0ie=utf-8oe=utf-8client=firefox-arls=org.mozilla:en-US:official

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Jochem Maas
Stefan Esser wrote: Hello, with MD5 and SHA1 more or less broken, I have hacked together sha256() and sha256_file(), because people want a secure hashing function in plain PHP without the need for 3rd party libraries like mhash. assuming this is true then the built in session handler is

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Stefan Esser
Hello, assuming this is true then the built in session handler is pretty vulnerable right now no? one only has the choice of md5 or sha1 for the hashing mechanism of the session handlers id as far as I can see ... if php gets a sha256 in the core it would possibly be a good thing to make

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Ron Korving
I just read this news that an MD5 collision can now be done by anyone in 45 minutes (avg) on a P4 1.6 GHz: http://it.slashdot.org/article.pl?sid=05/11/15/2037232threshold=-1tid=172tid=93tid=228 http://www.stachliu.com.nyud.net:8090/collisions.html MD5 as the standard for hashing is definitely

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Ilia Alshanetsky
Ron Korving wrote: I just read this news that an MD5 collision can now be done by anyone in 45 minutes (avg) on a P4 1.6 GHz: http://it.slashdot.org/article.pl?sid=05/11/15/2037232threshold=-1tid=172tid=93tid=228 http://www.stachliu.com.nyud.net:8090/collisions.html MD5 as the standard for

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Ron Korving
Ilia Alshanetsky wrote: Ron Korving wrote: I just read this news that an MD5 collision can now be done by anyone in 45 minutes (avg) on a P4 1.6 GHz: http://it.slashdot.org/article.pl?sid=05/11/15/2037232threshold=-1tid=172tid=93tid=228

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Sara Golemon
Right, so bottom line, MD5 is showing signs of fatigue. Not broken or even significantly weak when used properly, but she's in the twilight years and it's time to send ma to the old folks home for some rest and green jello. SHA1 isn't quite the matriarch yet, but despite having miles to go before

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Jacques Marneweck
Ilia Alshanetsky wrote: Stefan, There will be another RC, but I'd prefer to reserve this feature till PHP 5.1.1. Ilia Hi Guys, Are there any chances of getting this implemented in the next releases of PHP 5.0.X and 4.4.X? Regards --jm -- Jacques Marneweck

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Jacques Marneweck
Sara Golemon wrote: Right, so bottom line, MD5 is showing signs of fatigue. Not broken or even significantly weak when used properly, but she's in the twilight years and it's time to send ma to the old folks home for some rest and green jello. Also there are sites hosting md5 hashes and

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-16 Thread Sara Golemon
Right, so bottom line, MD5 is showing signs of fatigue. Not broken or even significantly weak when used properly Also there are sites hosting md5 hashes and the equivalent text for password cracking. This is exactly what I meant by used properly the problem you're describing becomes

[PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-15 Thread Stefan Esser
Hello, with MD5 and SHA1 more or less broken, I have hacked together sha256() and sha256_file(), because people want a secure hashing function in plain PHP without the need for 3rd party libraries like mhash. Both functions are already available to users of the PHP Hardening-Patch for quite a

Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support

2005-11-15 Thread Ilia Alshanetsky
Stefan, There will be another RC, but I'd prefer to reserve this feature till PHP 5.1.1. Ilia