Re: MD5 math question

[Tim <tim-security () sentinelchicken org>]

> Without knowing the correct password there is no way of knowing that the 
> collision isn't it, and from a practical point of view it doesn't matter 
> in the slightest.

Very true.

> Considering the fact that MD5 has been broken though, I'm fairly 
> surprised it even came up to discussion. It's not exactly hard to find 
> info or even collision-generators.

See... People keep bringing this up, and it is true, MD5 has been
shattered when it comes to collision resistance, but this is not the
same as pre-image or second pre-image resistance.  I don't believe
either of those are broken yet for MD5 (please link me if I am wrong),
so I think this is still a valid discussion, and applicable other hash
algorithms as well.


> As for not using salts, read this. You'll change your mind.
> http://discuss.develop.com/archives/wa.exe?A2=ind0301b&L=advanced-dotnet&T=0&F=&S=&P=4424

Indeed.  Always use salts.  This is one reason LM hashes can be
reversed so readily.


tim

-------------------------------------------------------------------------------
Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
-------------------------------------------------------------------------------