On Thu, April 21, 2005 10:28 am, Ryan A said: > Interesting reading, even though most of it went over my head :-) > There ar'nt any tools freely available to the average joe to decypher a > md5 > hash though...right? No, there aren't. And even the collisions found don't really mean much in the grand scheme of things, from what I've read. The worst-case scenario is that in a few years' time, more likely in MANY years' time, somebody will figure out a way to use hardware not yet available to crack MD5... Even that is more likely to be "crack one out of every 2 billion MD5 values" rather than crack any old MD5 they run across. I really wouldn't sweat this in terms of your day-to-day life/programming, other than to keep your code modular enough to replace "md5" with something else in the year 2020 or whatever. >> MD5 collisions were found last year: >> http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf >> >> Just a matter of time/cpu power. Maybe I'm mis-remembering the article and its implications, but I don't think they can apply that to an arbitrary MD5 hash and reverse it to the plain-text original... It's more like a theoretical "hole" that may some day prove to be the first step in a long long long process of understanding something that might maybe some day yield a way to de-crypt MD5. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
