lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


MD5 is not as bad as this may sound. 

For an overview of what exactly is vulnerable and what not see here:
http://www.cryptography.com/cnews/hash.html

   Joerg

>For those who have not kept track of developments in 
>cryptography lately:
>
>The MD5 and SHA1 algorithms are both vulnerable to collision 
>attacks faster than brute force, in the case of MD5 the attack 
>only takes hours on a desktop machine. A collision attack is 
>an attack that finds strings a, b where a ~= b but hash(a) == hash(b). 
>
>This may or may not be a problem depending on what you use 
>these algorithms for, and how you use them. If you are 
>digitally signing strings provided by others it is a problem, 
>because your signature matches more than one string.