Posted by Andy Hassall on 09/07/05 01:18
On 6 Sep 2005 14:18:00 -0700, "frizzle" <phpfrizzle@gmail.com> wrote:
 >Well, nice to see such a big discussion
 >on a topic 'of mine', but with all these pros
 >and contras I'm still kinda stuck here :-(
 >
 >I read "If you're implementing something new,
 >you're better off choosing a more modern hash
 >function. "
 >
 >What *should* I use then to create a safe
 >password system ... ?
 
 The conclusion was that this usage of MD5 remains unaffected by the recent
 findings, so in practice it's fine to keep using that.
 
 HMAC-SHA1 is probably a good bet if you're still worried.
 
 See the user-contributed notes on http://uk.php.net/sha1 for an implementation
 of HMAC-SHA1. Or: http://pear.php.net/package/Crypt_HMAC
 
 The person who posted the HMAC-SHA1 code in the notes above also linked to
 this PDF which has a good chunk of information about holes in authentication
 systems:
 
 http://cookies.lcs.mit.edu/pubs/webauth:tr.pdf
 
 But anyway, it's far more likely you'll have real bugs or security holes
 elsewhere that'll allow more direct levels of access (e.g. your post on SQL
 injection), so you should be worrying more about that, than theoretical levels
 of reversibility of cryptographically secure hash functions.
 
 --
 Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
 http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
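
The HMAC-SHA1 construction mentioned in the post, written out from RFC 2104 on top of PHP's sha1() as an added example; it is not the code from the php.net notes or from Crypt_HMAC. Using a random per-user salt as the HMAC key, and the names hmac_sha1, make_record and check_password, are assumptions made for illustration.

```php
<?php
// Added example, not code from the post or the pages it links to.

// HMAC-SHA1 per RFC 2104: H((K ^ opad) . H((K ^ ipad) . message))
function hmac_sha1(string $key, string $message): string
{
    $blockSize = 64; // SHA-1 processes 64-byte blocks

    // A key longer than one block is replaced by its raw SHA-1 digest.
    if (strlen($key) > $blockSize) {
        $key = sha1($key, true);
    }
    // The key is then zero-padded on the right to exactly one block.
    $key = str_pad($key, $blockSize, "\x00");

    // XOR of two strings is bytewise in PHP.
    $inner = sha1(($key ^ str_repeat("\x36", $blockSize)) . $message, true);
    return sha1(($key ^ str_repeat("\x5c", $blockSize)) . $inner); // hex digest
}

// Assumed storage scheme: random per-user salt as the key, password as the message.
function make_record(string $password): array
{
    $salt = bin2hex(random_bytes(16));
    return ['salt' => $salt, 'hash' => hmac_sha1($salt, $password)];
}

function check_password(array $record, string $candidate): bool
{
    // hash_equals() compares the two digests in constant time.
    return hash_equals($record['hash'], hmac_sha1($record['salt'], $candidate));
}

// Cross-check against PHP's built-in hash_hmac(), including a key longer
// than one block, which exercises the key-hashing branch.
foreach (['short-key', str_repeat('K', 100)] as $key) {
    if (hmac_sha1($key, 'constructed message') !== hash_hmac('sha1', 'constructed message', $key)) {
        throw new RuntimeException('hmac_sha1() disagrees with hash_hmac()');
    }
}

// Constructed sample password, for demonstration only.
$record = make_record('constructed-sample-password');
var_dump(check_password($record, 'constructed-sample-password'));
var_dump(check_password($record, 'some-other-guess'));
```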