Roman Ivanov wrote:
Ilia Alshanetsky wrote:
You cannot give it
an md5 and have it generate you a string with the same md5 hash, so md5
is still relatively safe.
http://www.google.com/search?q=md5+hash+lookup&start=0&start=0&ie=utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official
Ilia Alshanetsky wrote:
You cannot give it
an md5 and have it generate you a string with the same md5 hash, so md5
is still relatively safe.
http://www.google.com/search?q=md5+hash+lookup&start=0&start=0&ie=utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official
--
PHP Internals - PHP
Jacques Marneweck wrote:
Are there any chances of getting this implemented in the next releases
of PHP 5.0.X and 4.4.X?
I don't think there will be any further 5.0.x release.
Sebastian
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
> > Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or
> > even significantly weak when used properly
> >
> Also there are sites hosting md5 hashes and the equivalent text for
> password cracking.
>
This is exactly what I meant by "used properly" the problem you're
describing
Sara Golemon wrote:
> Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or
> even significantly weak when used properly, but she's in the twlight years
> and it's time to send ma to the old folks home for some rest and green
> jello.
>
Also there are sites hosting md5 hashes
Ilia Alshanetsky wrote:
> Stefan,
>
> There will be another RC, but I'd prefer to reserve this feature till
> PHP 5.1.1.
>
> Ilia
>
Hi Guys,
Are there any chances of getting this implemented in the next releases
of PHP 5.0.X and 4.4.X?
Regards
--jm
--
Jacques Marneweck
http://www.powertrip.c
Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or
even significantly weak when used properly, but she's in the twlight years
and it's time to send ma to the old folks home for some rest and green
jello.
SHA1 isn't quite the matriach yet, but despite having miles to go before
"Ilia Alshanetsky" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Ron Korving wrote:
> > I just read this news that an MD5 collision can now be done by anyone in
45
> > minutes (avg) on a P4 1.6 GHz:
> >
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid
Ron Korving wrote:
> I just read this news that an MD5 collision can now be done by anyone in 45
> minutes (avg) on a P4 1.6 GHz:
> http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid=93&tid=228
> http://www.stachliu.com.nyud.net:8090/collisions.html
>
> MD5 as the stan
I just read this news that an MD5 collision can now be done by anyone in 45
minutes (avg) on a P4 1.6 GHz:
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid=93&tid=228
http://www.stachliu.com.nyud.net:8090/collisions.html
MD5 as the standard for hashing is definately
Hello,
> assuming this is true then the built in session handler is pretty
> vulnerable right now no?
> one only has the choice of md5 or sha1 for the hashing mechanism of
> the session handlers id
> as far as I can see ... if php gets a sha256 in the core it would
> possibly be a good thing
> to
Stefan Esser wrote:
Hello,
with MD5 and SHA1 more or less broken, I have hacked together sha256() and
sha256_file(),
because people want a secure hashing function in plain PHP without the need for
3rd party
libraries like mhash.
assuming this is true then the built in session handler is pret
Stefan,
There will be another RC, but I'd prefer to reserve this feature till
PHP 5.1.1.
Ilia
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Hello,
with MD5 and SHA1 more or less broken, I have hacked together sha256() and
sha256_file(),
because people want a secure hashing function in plain PHP without the need for
3rd party
libraries like mhash.
Both functions are already available to users of the PHP Hardening-Patch for
quite a
14 matches
Mail list logo
