Ron Korving wrote: > I just read this news that an MD5 collision can now be done by anyone in 45 > minutes (avg) on a P4 1.6 GHz: > http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid=93&tid=228 > http://www.stachliu.com.nyud.net:8090/collisions.html > > MD5 as the standard for hashing is definately history. All the more reason > for sha256- and alike-functions.
If you've read the article closely you'll know that while an impressive trick, collisions cannot be generated arbitrarily. The program generates both of the values that result in the same md5 hash . You cannot give it an md5 and have it generate you a string with the same md5 hash, so md5 is still relatively safe. Ilia -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
