[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MD5 collisions found - alternative?

On Wed, Aug 25, 2004 at 12:44:43AM +1000, Daniel Pittman wrote:
> Also, while there are issues with those hash algorithms, I don't think
> they are quite bad enough that there is a significant *immediate* risk
> to my systems; the cost of breaking in through the detected collisions
> is lower than the risk of a bad password, etc.

I think you meant s/cost/risk/ there.  And I thoroughly agree -- it still
appears to be far easier to brute-force check the poor-password-space than
it is to reverse-generate an equivalent plaintext given a random MD5 hash.

- Matt

Attachment: signature.asc
Description: Digital signature

Reply to: