me.mello

The md5crypt() author says the algorithm is no longer secure

Posted

THE AUTHOR of md5crypt(), which is used to encrypt passwords on some FreeBSD and Linux-based operating systems, has said it is no longer secure despite being recommended as a password hashing function.

Poul-Henning Kamp implemented Ronald Rivest's MD5 one-way hashing algorithm in his md5crypt() function that has been in use on FreeBSD and Linux-based operating systems for many years. Now Kamp has been forced to say that md5crypt() is no longer secure (Md5crypt Password scrambler is no longer considered safe by author — PHKs Bikeshed) after he claimed that people were still recommending it for production use.

While Kamp introduced extra functionality in md5crypt() to mitigate against brute-force attacks, processing power has increased to a point where Kamp said that md5crypt() is too fast on commercially available hardware. He told The INQUIRER, "[The] only problem with md5crypt is speed: it's too fast."

Kamp also told The INQUIRER that it had been known for some time that md5crypt() could no longer provide adequate protection, but people were still recommending the use of md5crypt() in production environments, which forced him to make an announcement urging people to stop using his creation.

While MD5 was cracked using brute force methods back in 2005, Kamp included extra stages in md5crypt() such as salting to increase its computational complexity, and md5crypt() remained too processor intensive for brute force attacks for a while longer. However md5crypt() is the best part of two decades old by now and more computing power, especially with GPGPUs, has meant that hackers can execute md5crypt() on every combination of 10 letters and numbers in a matter of hours.

All hashing algorithms eventually become susceptible to brute-force attacks due to advances in computational power. However the fact that Kamp has been forced to make such an announcement shows that bad practices are still far too common, and that can cost people in terms of security.

Source: Even The Author Says md5crypt() Is No Longer Secure ≈ Packet Storm

Posted

Very interesting article; it's a sticky on the phpacademy.org forum.

A few basic excerpts from the article:

MD5 (Outdated)

NO, NO, NO, NO, NO, MD5 is the worst thing for hashing sensitive data. This is almost as bad as using clear text, even with a Salt it's still horrible. I recommend you to stop using this.

Actually MD5 is really a check-sum, I think of it as an alternative to the mt_rand() function.

In the article author's opinion, Bcrypt is the strongest encryption system. He also posted a class using Bcrypt.

phpacademy.org | PHP Security: How to safely store your passwords | PHP/Web Development Help & Discussion Forum

Posted

Yes, the only way to increase the duration of a brute-force attack (apart from using a strong password) is to increase the duration of the encryption, but along with that, the ease of using that encryption method will also decrease. In the field of security the governing law is: "the more practical (aka user-friendly) a thing is, the less secure it is, and vice versa."

Posted

Many of you haven't heard of double hash.

Example:

We have the password 123456; it will be hashed once into e10adc3949ba59abbe56e057f20f883e and then into 14e1b600b1fd579f47433b88e8d85291. Of course, this can be done N times. Go ahead and brute-force those now.

Posted
Many of you haven't heard of double hash.

Example:

We have the password 123456; it will be hashed once into e10adc3949ba59abbe56e057f20f883e and then into 14e1b600b1fd579f47433b88e8d85291. Of course, this can be done N times. Go ahead and brute-force those now.

On the contrary, a great many have heard of it and use it, to their misfortune.

What you said is completely wrong. I see you even got likes for it, but I don't know why.

If you had read the article I posted, you wouldn't have said that.

I quote:

Double Hash

"This is one of the worst things you can do, it can actually create redundant hashes. You can also lower the security by double hashing, by creating redundant data, like so:

sha1(md5($password)) Pointless..."
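
The double-hash claim and the "too fast" problem discussed in this thread, as an added example that is not code from any of the posts or from the linked article. It assumes Python's standard-library PBKDF2 as a stand-in for the Bcrypt class the thread recommends; the function names and the four-word list are constructed for illustration, and the target hash is the one quoted in the thread.

```python
import hashlib
import hmac
import os
import time

def nested_md5(password: str, rounds: int = 2) -> str:
    """md5(md5(...)) over the hex digest: the thread's unsalted 'double hash'."""
    digest = password
    for _ in range(rounds):
        digest = hashlib.md5(digest.encode()).hexdigest()
    return digest

def dictionary_attack(target: str, candidates, rounds: int = 2):
    """Return the candidate whose nested MD5 equals target, else None."""
    for word in candidates:
        if nested_md5(word, rounds) == target:
            return word
    return None

def slow_hash(password: str, salt: bytes = None, iterations: int = 200_000):
    """Salted PBKDF2-HMAC-SHA256; iterations is the tunable work factor."""
    salt = salt or os.urandom(16)  # fresh random salt per stored password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, dk

def verify(password: str, record) -> bool:
    """Recompute with the stored salt and cost, compare in constant time."""
    salt, iterations, expected = record
    _, _, dk = slow_hash(password, salt, iterations)
    return hmac.compare_digest(dk, expected)

def seconds_per_guess(fn, repeat: int = 5) -> float:
    """Average wall-clock cost of one hash computation (one attacker guess)."""
    start = time.perf_counter()
    for _ in range(repeat):
        fn()
    return (time.perf_counter() - start) / repeat

# Constructed sample wordlist; the target is the double hash quoted in the thread.
WORDLIST = ["password", "qwerty", "123456", "letmein"]
THREAD_DOUBLE_HASH = "14e1b600b1fd579f47433b88e8d85291"

if __name__ == "__main__":
    print("recovered:", dictionary_attack(THREAD_DOUBLE_HASH, WORDLIST))
    fast = seconds_per_guess(lambda: nested_md5("123456"))
    slow = seconds_per_guess(lambda: slow_hash("123456", b"\x00" * 16))
    print(f"double MD5: {fast:.2e} s/guess, PBKDF2: {slow:.2e} s/guess")
```

The second MD5 pass adds one more cheap operation per guess and no salt, so the same wordlist still recovers the password; the salted, iterated hash is what changes the cost per guess.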
