[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Repository Passwords are in clear text?

From: Leon Zandman <lzandman_at_lode.nl>
Date: 2005-11-16 22:30:47 CET

> No, MD5 is not brute forceable, easy or not so easy. If you
> read the website you pointed to, you'll see it says no such
> thing. Which is good because it would be fiction otherwise.

From a Slashdot story that ran yesterday:

"Patrick Stach has announced the availability of his source code for
finding MD5 collisions and MD4 collisions. MD4 collisions can be found
in a few seconds (but nobody uses that any more), while MD5 collisions
(still being used!) take 45 minutes on a 1.6 GHz P4."
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&tid=172&tid=93&ti
d=228

http://www.stachliu.com.nyud.net:8090/collisions.html

45 minutes... So, I guess MD5 isn't as safe as you think.

Greetz,

Leon Zandman

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 16 22:33:30 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.