Be warned, crypto isn't a strength of mine, so any/all of this may be
total BS.
Ross wrote:
Does md5 really offer much in terms of protection?
Depends on what you're doing with it. AFAIK, md5's weakness comes in the
form of collisions - it has been cryptanalysed to the point where it is
no longer reasonable for high security purposes. It is possible to
create two different strings (i.e. documents, passwords) that result in
identical md5 hashes. It is likely possible to find alternate passwords
if the md5 is known - if a user can get a hold of your md5'ed passwords,
they may be able to come up with another password that will create the
same MD5 hash, thus would be capable of logging in to the system.
If what you're trying to protect is reasonably sensitive, don't use it
to verify that a document hasn't been tampered with, and don't use it to
hash passwords, though salting may help.
The algorithm is really well known.
IMO, that's a good thing. I'd much rather have an algorithm that is well
known, well analysed and *still* secure over an unknown and untested
algorithm.
I would like to hear your thoughts and possible alternatives (mcrypt?)
sha1 has also been cryptanalysed but should be more secure than md5. I
think sha256 is believed to be secure. PHP 5.2 seems to have a 'hash'
function that can generate many atypical hashes like sha256.
jon
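As an added illustration (not code from the thread, nor from PHP's own documentation), here is the salting-plus-sha256 approach jon mentions, written against PHP's hash() extension, next to the purpose-built password_hash()/password_verify() API that PHP added later (5.5+); it assumes PHP 7.1 or newer for random_bytes(), hash_equals() and the short list syntax, and all sample values are constructed.

```php
<?php
// Added example: per-user salted SHA-256 via hash(), then PHP's later
// built-in password API for comparison. Assumes PHP >= 7.1.

// Build a stored record of the form "sha256$<hex salt>$<hex digest>".
function make_salted_sha256(string $password): string {
    // 16 random bytes per user: two users with the same password get
    // different digests, and a precomputed table of plain md5/sha256
    // values for common passwords is useless against the store.
    $salt   = bin2hex(random_bytes(16));
    $digest = hash('sha256', $salt . $password);
    return 'sha256$' . $salt . '$' . $digest;
}

// Recompute the digest from the stored salt and compare in constant time.
function verify_salted_sha256(string $password, string $stored): bool {
    $parts = explode('$', $stored);
    if (count($parts) !== 3 || $parts[0] !== 'sha256') {
        return false; // unknown or malformed record
    }
    [, $salt, $digest] = $parts;
    $candidate = hash('sha256', $salt . $password);
    // hash_equals() does not short-circuit on the first differing byte,
    // so timing does not reveal how much of the digest matched.
    return hash_equals($digest, $candidate);
}

// Two records for the same password differ because the salts differ.
$stored1 = make_salted_sha256('correct horse');
$stored2 = make_salted_sha256('correct horse');
var_dump($stored1 !== $stored2);

// The right password verifies against its own record; a wrong one does not.
var_dump(verify_salted_sha256('correct horse', $stored1));
var_dump(verify_salted_sha256('wrong guess', $stored1));

// The purpose-built API: it picks a deliberately slow algorithm
// (bcrypt by default) and embeds the salt in the returned string.
$stored3 = password_hash('correct horse', PASSWORD_DEFAULT);
var_dump(password_verify('correct horse', $stored3));

// hash() also covers the document-integrity use raised in the thread;
// hash_algos() lists the digests this PHP build supports.
var_dump(in_array('sha256', hash_algos(), true));
var_dump(hash('sha256', 'constructed sample document contents'));
```

A plain unsalted sha256 of a password is still a fast hash, so the salt only defeats precomputation; the slow, salted password_hash() is what a current PHP application should use for credentials.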
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php