Posted by: oldmaven November 1, 2007
Login in to Rate this Post:
0 
? 
?
.
MD5 is considered not secure at all. Researches have proved there are algorithms that can actually find collisions in compression algorithmic implementation of MD5. There are claims that say they can reverse brute-force hashes as such. There are even better mechanisms to break using the "rainbow table" project that uses the time-memory trade off technique, much much faster than the brute can do.
Using a "salt" value to further protect MD5 hashes is what is generally used prominent that can reduce rainbow cracks. i.e hash is md5 (password, salt)
SHA-1 is the successor for MD5. Security researchers even claim collisions on SHA-1 hash functions. LOL .
I see many PGP signed messages using SHA-1 hashes. I myself signed my message on SHA-512 just in case. : ) And there has not been any collisions reported on that till date.
I hope NIST comes up with great competition for us to see more interesting hash algorithms in future.
@ SAAJHA, i am just a big time enthusiast.
@ atit, Good that it helped you. And now you want to attack your server to prove a single point of failure. I bet there are plenty tools out there for SYN flooding. Why dont you google ? Just a small thought: if you simply run ftp server and hog the network to practically -dead- with multi connections and ingress/egress traffic, and prove that you need a back-up server ? : ) but then, i'd suggest you go for the former choice to play with the tools.
@Grace_S , Cracking WEP : must be easy with so many tools available. WPA-2 is what they say should be chosen to secure your Wi-Fi , at this time. Let the time roll, and we can see wonders ahead.
MD5 is considered not secure at all. Researches have proved there are algorithms that can actually find collisions in compression algorithmic implementation of MD5. There are claims that say they can reverse brute-force hashes as such. There are even better mechanisms to break using the "rainbow table" project that uses the time-memory trade off technique, much much faster than the brute can do.
Using a "salt" value to further protect MD5 hashes is what is generally used prominent that can reduce rainbow cracks. i.e hash is md5 (password, salt)
SHA-1 is the successor for MD5. Security researchers even claim collisions on SHA-1 hash functions. LOL .
I see many PGP signed messages using SHA-1 hashes. I myself signed my message on SHA-512 just in case. : ) And there has not been any collisions reported on that till date.
I hope NIST comes up with great competition for us to see more interesting hash algorithms in future.
@ SAAJHA, i am just a big time enthusiast.
@ atit, Good that it helped you. And now you want to attack your server to prove a single point of failure. I bet there are plenty tools out there for SYN flooding. Why dont you google ? Just a small thought: if you simply run ftp server and hog the network to practically -dead- with multi connections and ingress/egress traffic, and prove that you need a back-up server ? : ) but then, i'd suggest you go for the former choice to play with the tools.
@Grace_S , Cracking WEP : must be easy with so many tools available. WPA-2 is what they say should be chosen to secure your Wi-Fi , at this time. Let the time roll, and we can see wonders ahead.