|
Posted by Richard Lynch on 04/22/05 12:26
On Thu, April 21, 2005 10:28 am, Ryan A said:
> Interesting reading, even though most of it went over my head :-)
> There ar'nt any tools freely available to the average joe to decypher a
> md5
> hash though...right?
No, there aren't.
And even the collisions found don't really mean much in the grand scheme
of things, from what I've read.
The worst-case scenario is that in a few years' time, more likely in MANY
years' time, somebody will figure out a way to use hardware not yet
available to crack MD5... Even that is more likely to be "crack one out
of every 2 billion MD5 values" rather than crack any old MD5 they run
across.
I really wouldn't sweat this in terms of your day-to-day life/programming,
other than to keep your code modular enough to replace "md5" with
something else in the year 2020 or whatever.
>> MD5 collisions were found last year:
>> http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf
>>
>> Just a matter of time/cpu power.
Maybe I'm mis-remembering the article and its implications, but I don't
think they can apply that to an arbitrary MD5 hash and reverse it to the
plain-text original...
It's more like a theoretical "hole" that may some day prove to be the
first step in a long long long process of understanding something that
might maybe some day yield a way to de-crypt MD5.
--
Like Music?
http://l-i-e.com/artists.htm
Navigation:
[Reply to this message]
|