On Wed, 16 Mar 2005, Mark Gardner wrote:
> Does this mean that anything that uses MD5 as a hash algorithm is
> vulnerable? So if I have a website that md5 encrypts passwords to
> store in a database, does that mean that I should use something else?
> If so, what is a good option?

The only difference (ignoring MD5 for a moment) between using hashed passwords and just storing their password in plaintext in your database, is the scenario of someone getting access to your database. If you were using plaintext passwords, then anyone with access to the database would know all the passwords. If you use hashed passwords, then someone has to actually do some work in order to recover the passwords.

So your real question is: does this (the recent MD5 breaks) affect the amount of work an attacker has to do in order to recover the passwords?

Short answer is no. First of all, we're talking about creating collisions (finding two random-looking files that hash to the same value), not finding some data that hashes to a given value. Second, even if the latter were the case, a dictionary attack would probably get most of the passwords in your database anyway.

The only way I can see this possibly being an issue is that, given enough computing power (if the previous post is correct, not very much computing power), somebody, when creating their account, can choose a particular "password" that is actually two *different* passwords, both of which will work if they try to log in with them. I truly doubt you even care :-)

~ Ross

--------------------
BYU Unix Users Group
http://uug.byu.edu/

The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG.
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
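
Added example, not part of the message above or of the original thread: a self-audit showing that the work needed to recover unsalted MD5 password hashes is set by a dictionary lookup rather than by collision attacks, and how a per-user salt plus an iterated hash raises that work. The word list, user table, function names and the choice of PBKDF2-HMAC-SHA256 with 100,000 iterations are assumptions made for illustration; the message itself recommends no particular scheme.

```python
import hashlib
import hmac
import os

# Constructed sample data (not from the thread): a tiny word list and user table.
WORDLIST = ["password", "letmein", "dragon", "qwerty", "sunshine"]
USERS = {"alice": "letmein", "bob": "sunshine", "carol": "T7#vq!pLz9"}


def md5_hex(password):
    """Unsalted MD5 of a password, as in the scheme the question describes."""
    return hashlib.md5(password.encode()).hexdigest()


def audit_unsalted_md5(table, wordlist):
    """Return {user: password} for each stored hash that matches a dictionary word.

    Each word is hashed once and the result is checked against every row,
    so the cost does not grow with the number of users.
    """
    lookup = {md5_hex(word): word for word in wordlist}
    return {user: lookup[h] for user, h in table.items() if h in lookup}


def store_pbkdf2(password, iterations=100_000):
    """Build a record (salt, iterations, derived key) with a fresh random salt."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def verify_pbkdf2(password, record):
    """Recompute the key from the stored salt and compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


def guess_cost(n_users, n_words, iterations):
    """Hash evaluations needed to test every word against every user."""
    unsalted = n_words                       # one pass over the list serves all rows
    salted = n_users * n_words * iterations  # repeated per salt and per iteration
    return unsalted, salted


if __name__ == "__main__":
    md5_table = {user: md5_hex(pw) for user, pw in USERS.items()}
    print("found in dictionary:", audit_unsalted_md5(md5_table, WORDLIST))
    print("hash evaluations (unsalted, salted):", guess_cost(len(USERS), len(WORDLIST), 100_000))
```

Run against a copy of your own password table, the audit lists the accounts whose passwords a dictionary would recover regardless of which hash function produced the stored value.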
