On Thursday, October 18, 2001 10:52 AM, [EMAIL PROTECTED] > If the attacker knows the algorithm (although not the prime number) this is > unfortunately trivial to crack: they just have to guess the time that is > encoded by the timestamp. :(
You're right. I solved it as if the timestamp was unpredictable. Better to use a one-way and append it to the plaintext. But if an MD5 digest is used, it should probably be based on some function of the timestamp and a secret as Hahn suggested. -=greg
