Posted by Oli Filth on 05/27/05 22:17

simon said the following on 27/05/2005 20:04:
>>>Sorry, but that's not true.
>>>As said, it is technically possible to get the original string but near
>>>impossible to do so.
>>
>>Well, whilst it's technically possible to get a string that hashes to the
>>same
>>value (which is generally all you need if it's used as a password), this
>>only
>>means it _might_ be the original string; it is completely impossible to
>>determine whether it actually _is_ the original string.
>
> And all I was trying to do was to correct the statement that md5 was a one
> way hash.
>

It is one-way, in that it's a many-to-one mapping.

Start with a given string, it will always map to the same hash. Start
with the hash, it could map to any one of an infinite number of strings.


--
Oli

[Back to original message]