[lug] MD5 strength?
Chuck Wiechman
wiechdoctor at earthlink.net
Sat Aug 31 07:26:19 MDT 2002
Check out http://www.scramdisk.clara.net/pgpfaq.html
it takes a look at most of the popular algorithms including md5. Its
pretty long but well worth the read.
On Fri, 30 Aug 2002, D. Stimits wrote:
> I am curious, for the MD5 password hash, is this currently considered
> strong, or is it easily broken by normal hardware? I have people telling
> me that password hash is useless and broken quite easily, and if this is
> about old style passwords, I agree...but with MD5, I do not believe that
> any real weakness, other than perhaps theoretical, has been found. If
> someone uses a buffer overflow attack to email the shadow file, and if
> the shadow file is MD5, what kind of difficulty would the attacker have
> at cracking non-common passwords (passwords not from a common words,
> where it must actually be broken instead of guessed)?
>
> D. Stimits, stimits AT attbi.com
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
More information about the LUG
mailing list