Re: md5 encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Note my day job IS data communications and security. I am NOT a cryptographer. I am in a different select group that often refer to ourselves as the crypto-plumbers. We know how to carefully use the crypto blocks to build whole systems.

On 08/28/2014 11:34 AM, dustin kempter wrote:
hi all, I just had a question. so I have been hearing that md5 has been compromised, how much of a security threat does this impose? if it is something that poses a large concern is it possible to change the encryption method from md5 to crypt? or another method that is not compromised?

md5 is a message digest / hash. It is an earlier effort by Ron Rivest. It was paired with Ron's rc5 streaming encryption cipher, but lived by itself as one of the major hash functions in 90s (md5, md160 (do I have that right :) ), and sha1). All have been weakened to different levels. md5 has real attacks where with crafted change to a message you can still get the same hash value.

Today you might STILL use sha1; it has had tremendous resiliency. NIST was expecting it to fall as badly as md5 by this point. Most use at least sha256, and sha3 is now out there. Choose your poison.

data confidentiality is another subject.

Hope this helps.


--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org




[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux