[lug] MD5 strength?

rm at fabula.de rm at fabula.de
Sat Aug 31 07:20:05 MDT 2002


On Fri, Aug 30, 2002 at 06:48:40PM -0600, D. Stimits wrote:
> I am curious, for the MD5 password hash, is this currently considered 
> strong, or is it easily broken by normal hardware? I have people telling 
> me that password hash is useless and broken quite easily, and if this is 
> about old style passwords, I agree...but with MD5, I do not believe that 
> any real weakness, other than perhaps theoretical, has been found. If 
> someone uses a buffer overflow attack to email the shadow file, and if 
> the shadow file is MD5, what kind of difficulty would the attacker have 
> at cracking non-common passwords (passwords not from a common words, 
> where it must actually be broken instead of guessed)?

Humpf? As the name 'hash' allready implies: there is no way to "break"
an MD5 password--the original password can't be recovered from the
crypted version (the crypted version is a _M_essage _D_igest). Now, for
login etc. you don't _need_ the original version, you only need a word
that will hash to the same value, and that's where the concerns you mention
start: given enough hardware it's possible to find words that hash to
the same value. So, for really strong security you might want to pick
another digest method (SHA seems to be safe).

  Ralf Mattes

> D. Stimits, stimits AT attbi.com
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug



More information about the LUG mailing list