RE: Repository Passwords are in clear text?

From: Leon Zandman <lzandman_at_lode.nl>
Date: 2005-11-16 22:30:47 CET

> No, MD5 is not brute forceable, easy or not so easy. If you
> read the website you pointed to, you'll see it says no such
> thing. Which is good because it would be fiction otherwise.

From a Slashdot story that ran yesterday:

"Patrick Stach has announced the availability of his source code for
finding MD5 collisions and MD4 collisions. MD4 collisions can be found
in a few seconds (but nobody uses that any more), while MD5 collisions
(still being used!) take 45 minutes on a 1.6 GHz P4."
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&tid=172&tid=93&ti
d=228

http://www.stachliu.com.nyud.net:8090/collisions.html

45 minutes... So, I guess MD5 isn't as safe as you think.

Greetz,

Leon Zandman

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 16 22:33:30 2005

This message: [ Message body ]
Next message: Theisen, Gary: "RE: Potential New User questions"
Previous message: Gavin Lambert: "RE: Fast version control while work proceeds"
Maybe in reply to: Maurizio de Pascale: "Repository Passwords are in clear text?"
Next in thread: Joachim Durchholz: "Re: Repository Passwords are in clear text?"
Reply: Joachim Durchholz: "Re: Repository Passwords are in clear text?"
Reply: Phil Endecott: "Re: Repository Passwords are in clear text?"
Reply: Paul Koning: "RE: Repository Passwords are in clear text?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]