Re: Re: How safe is a .htaccess file?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2010/8/24 Bob McConnell <rvm@xxxxxxxxx>:
> From: Peter Lind
>
>> On 24 August 2010 15:43, Gary <php-general@xxxxxxxxxxxxxxx> wrote:
>>> Jan G.B. wrote:
>>>
>>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>>> That means, that different strings can have the same MD5-hash...
>>>
>>> http://en.wikipedia.org/wiki/MD5#cite_note-1
>>
>> It's worth noting that that essentially does not touch upon whether or
>> not MD5 can be considered safe or not as a means to store password
>> information. The researchers have discovered ways of crafting inputs
>> to easily find colliding hashes - they have not discovered any easy
>> means to craft an input that will collide with a given hash.
>
> That's a simple matter of brute force, which can be done once and saved
> for instant use later. However, putting a salt into your algorithm
> pretty much eliminates the chances of success using that attack.
>
> Bob McConnell
>
Thanks..
actually it's quite annoying when you post an answer which
tries to explain a subject and people just post a link as
response to one citation which somehow lacks relevance on the topic.

My intro-sentence was "I'm not a crypto expert".

Gary, do you expect me to read the full detail report of Tao Xie and
Dengguo Feng?
Can you sum it up in two or three sentences?

Regards

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux