开发者

MD5 security is fine? [closed]

开发者 https://www.devze.com 2023-03-22 11:03 出处:网络
Closed. This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing th
Closed. This question is opinion-based. It is not currently accepting answers.

Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.

Closed 6 years ago.

Improve this question

Im new at coding so Maybe I've missed the point of what md5 is about. But from what' i've experienced MD5 encryption is "static" for each word. By static i mean you will always find the same result for example md5("hello"). And this makes me think that is is highly reversible using a library.

What if md5("hello") was assigned a number (example 5), and the string for example

xbuIdSjsdsjsd44s64sd was its encryption. and was equal to 5 but what if sfoiefef465f4ze4f6fe was also its encryption. and was also equal to 5

Because both for a mathematical calculation ends to the same result. That would be dynamic encryption?

I think, but I tell you I'm a newb at all this, so those are just questions that bother me, I think that people who have access to the 开发者_C百科database md5's password, can reverse them easily by testing words and stocking them as a library.

what do you think guys? and is there an alternative to md5?

thank for any help or enlightnment


For storing passwords no fast hash function which include md5 and SHA1/2 (even when salted) is acceptable. You need to use a slow hash, typically in the form of a Key-Derivation-Function to slow down brute-force. PBKDF2 and bcrypt are popular choices. You should also use a random per user salt.


These are indeed legitimate concerns. You might find the following articles interesting:

  • Rainbow table
  • Salt

But MD5 is considered "broken" by security professionals. It depends on exactly what your requirements are: MD5 might be suitable, but more secure hashes like the SHA-2 family would probably be a wiser choice, or even key-strengthening techniques such as PBKDF2 (as CodeInChaos suggests).

Note that your choice of hash algorithm alone can't be considered either secure or insecure in isolation. It's important to use the hash algorithm in a proven, tried-and-tested way.


Whether MD5 is safe to use depends on what you use it for, and how.

For message integrity, MD5 is not suitable any more because there exists an attack for finding an alternate message with the same hash.

For storing passwords in a database, MD5 is acceptable, supposed you salt it properly. For this usage, the known attack is entirely unimportant.
If you are in paranoia mode, you can use a more complicated scheme like bcrypt too, but for most people, storing a salted password is just good enough. It prevents the easiest, most obvious attack, is easy to implement, hard to do wrong, and has low overhead.

Note that two different passwords having the same hash value is not really a problem under normal conditions. This happens, so what.

Having said that, using SHA instead of MD5 does not really cost anything extra. It has more bits, no known attack, and is supported by every half decent library.

0

精彩评论

暂无评论...
验证码 换一张
取 消