On 6/5/07, Marko Kreen <markokr@xxxxxxxxx> wrote:
> both md5 and sha1 are actually easier to bruteforce than
> the old DES-based crypt.

If this statement seems weird - the problem is the speed.
MD5 and SHA1 are just faster algorithms than des-crypt.

And there's nothing wrong with fast general-purpose algorithms,
as long as their cryptographic properties hold. Starting from
20-30 bytes the bruteforce is really not an option. But if you
have under 10 bytes (let's be honest - you have 6 bytes...)
the speed starts to matter, because it is possible on a random
laptop to simply try all combinations.

--
marko
pgcrypto also supports md5, so I'm not sure what you're referring to here.

As I already mentioned, *salting* before you hash is a very important step. I'm not sure if you saw that in my post. Without a salt, it's trivial to generate a list of all combinations of md5'd strings and their results, up to reasonable lengths. Then it would be very simple to look up each hash and get the original text. With a salt, you need to generate all possible md5s for all possible salts -- a much harder task.

In any case, pgcrypto seems to be a nice and full featured tool, so one should use that instead of rolling their own.
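The two points made in this thread (a precomputed table answers unsalted MD5 lookups, and a per-record salt plus a slow hash removes that shortcut) can be checked with the following added example, which is not part of the original messages. The three-letter keyspace and the sample password are constructed, and PBKDF2 from Python's standard library stands in for a salted, slow scheme; it is not pgcrypto's API.

```python
import hashlib
import hmac
import itertools
import os
import string

ALPHABET = string.ascii_lowercase  # constructed toy keyspace: 3 lowercase letters

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def build_unsalted_table(length: int = 3) -> dict:
    """Precompute md5 -> plaintext once for every string in the toy keyspace."""
    words = ("".join(c) for c in itertools.product(ALPHABET, repeat=length))
    return {md5_hex(w.encode()): w for w in words}

def store_salted(password: str, rounds: int = 100_000):
    """Per-record random salt plus a deliberately slow hash (assumed stand-in)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, rounds, digest

def verify_salted(password: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, rounds, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, digest)

def demo() -> dict:
    table = build_unsalted_table()
    unsalted = md5_hex(b"cat")                    # what an unsalted column stores
    salted_md5 = md5_hex(os.urandom(8) + b"cat")  # same password, random salt
    rec1, rec2 = store_salted("cat"), store_salted("cat")
    return {
        "table_size": len(table),
        "unsalted_lookup": table.get(unsalted),    # one table serves every row
        "salted_lookup": table.get(salted_md5),    # the table is useless here
        "same_password_same_record": rec1[2] == rec2[2],
        "verifies": verify_salted("cat", rec1),
        "rejects_wrong": verify_salted("dog", rec1),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The salt only defeats the shared table; the iteration count is what addresses the speed concern raised for short passwords, since each guess against one record costs 100,000 hash rounds instead of one.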