- Impact
- 76
In your opinion, which one is better for generating a hash, whether for passowrds or hashing files, etc.?
Thanks.
Thanks.
theparrot said:For pw, sha1 for sure, md5 has been 'broken'. For other applications it depends, sha1 is slower then md5.
theparrot said:I don't know what you consider broken, but in general when you can find collisions for a hash it is considered broken, and the paper published by Wang, Feng, Lai and Yu in August shows how to do just this. Why would you not now say md5 has been broken?
As I said what hash to use, depends on the application, but if security is a real issue, md5 even with a salt should not be the choice of a new application.
BTW, a salt is to slow down a dictionary attack.... so md5 with a salt at this time also makes no sense for a new deployment.
qxh said:75dc34b59d987a91e25290b29986149 :p
theparrot said:I don't know what you consider broken, but in general when you can find collisions for a hash it is considered broken, and the paper published by Wang, Feng, Lai and Yu in August shows how to do just this. Why would you not now say md5 has been broken?
As I said what hash to use, depends on the application, but if security is a real issue, md5 even with a salt should not be the choice of a new application.
BTW, a salt is to slow down a dictionary attack.... so md5 with a salt at this time also makes no sense for a new deployment.
axilant said:He is 100% right. There are people that can read md5 as a whole new language, its been done. I mean your probally the non-social person in the world, but im sure its been done. And yes its broken. Theres applications that run strings after strings to match a hash and it gives you the out put. Im sure this can be done in sha1 as well. I can actually say make your own encryption, split the password in 2, have 2 fields, decrypt them, use explode and such to do this and make them recompile the password. Sounds dumb, but its actually pretty cool.
nicholas said:Thanks for the insights everybody-- those opinions and notes from real-world experiences are exactly what helps. I'm redesigning and recoding an older custom script for a client (which uses md5 throughout on various things) and wanted to get your views on SHA1 to help decide if it's worth the trouble reexamining the code with implications on optimization, sizes, etc., and changing it or retaining the md5 hashes.
Any more notes you'd like to share please don't hesitate to add. Thanks!
qxh said:You can't read md5, how can you read a hash of something? :red:
deadserious said:How about use both, SHA1 the MD5?
theparrot said:Maybe it would help if you said what it is using it for? Does it really need a cyptographic grade has or just one with good distribution properties, is it for long term storage or short one offs with limited life spans etc..
theparrot said:why? can't think of any point to this, except for storing some hashes with that people can use the hash to verify a file download, in case the do not have software to generate one or the other.