RE: Stop Using MD5
There's nothing wrong with using a properly salted MD5 hash for passwords. A different, randomly generated salt for each password makes it totally infeasible to generate the sort of rainbow hash tables that lets you crack unsalted MD5 passwords in minutes. That being said, I haven't examined the implementation in the Rusnak script.
The best weakness result I'm aware of for MD5 is the ability to generate two plaintext sequences which both hash to the same value. This is more or less worthless for an attacker on this system. You could generate two passwords, both of which hash to the same value, and use either one to log in to your account. But you don't get to choose either password or the hash value you end up with. This is a very different task to finding a plaintext sequence which hashes to a *specific* value.
|
04-21-2009, 02:29 AM
Threaded Mode