RE: Repository Passwords are in clear text?

>>>>> "Leon" == Leon Zandman <Leon> writes:

>> No, MD5 is not brute forceable, easy or not so easy. If you read
>> the website you pointed to, you'll see it says no such thing.
>> Which is good because it would be fiction otherwise.

>> From a Slashdot story that ran yesterday:

 Leon> "Patrick Stach has announced the availability of his source
 Leon> code for finding MD5 collisions and MD4 collisions. MD4
 Leon> collisions can be found in a few seconds (but nobody uses that
 Leon> any more), while MD5 collisions (still being used!) take 45
 Leon> minutes on a 1.6 GHz P4."
 Leon> http://it.slashdot.org/article.pl?sid=05/11/15/2037232&tid=172&tid=93&ti
 Leon> d=228

 Leon> http://www.stachliu.com.nyud.net:8090/collisions.html

 Leon> 45 minutes... So, I guess MD5 isn't as safe as you think.

No. While that result is interesting -- it confirms the original work
done by cryptographers in China -- it is precisely the point I was
referring to.

Cryptographic hashes are supposed to have two key properties:

1. Given a message with hash X, it is infeasible to find a different
   message that also has hash X.
2. It is infeasible to find two messages with the same hash.

#2 is stronger than #1. The weakness that has been discovered relates
to #2. But #1 is the one most critical to hash-based security
schemes, and that one still stands.

Of course all this means that, given the choice, you definitely should
consider avoiding MD5. But it does not mean that the wild assertion
"MD5 is easily broken by brute force" has any merit.

     paul

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Nov 17 15:36:25 2005