Re: Passwords on Linux systems(for all flavors)
From: Kyle Wheeler (kyle_at_memoryhole.net)
Date: Fri, 15 Jul 2005 11:47:36 -0500
To: firstname.lastname@example.org
On Wednesday, July 13 at 10:00 AM, quoth Roman Daszczyszak:

> How long is the standard password MD5 hash, 128 bits?
> So theoretically, the longer the password gets, the likelihood of
> rolling over the top number and getting duplicate hashes for multiple
> passwords increases as well, yes?

Pretty much, but there's no guarantee that if you compute the MD5 sum of
all the numbers between 0 and
340,282,366,920,938,463,463,374,607,431,768,211,456 (2^128) you will get
the complete set as output. There could theoretically be duplicates even
from input of less than 128 bits.

> I mean, I'm not sure exactly how the MD5 hash algorithm works, but I'm
> sure there's a finite size to the input, after which it becomes
> ineffective because of the duplication I mention above.

The question in general is more: if I give you an MD5 sum, how difficult is
it for you to guess a string that will produce the same MD5 sum. Now,
there has been a lot of research into breaking the MD5 algorithm by
pre-computing things, but if we're talking about any fixed-size-output
hash function (e.g. SHA-256, which produces 256 bits of output, or a
measly 32 ASCII characters), the answer is: really really REALLY hard.

Is MD5 (or any fixed-length output hash) ineffective for input that is
more than the number of output bits? Not at all. For example, how would
you go about finding the input string to produce the md5sum
"1234567890abcdef"? Ready... GO! Things get MUCH harder when we upgrade
to something like SHA-256 (find a string that produces

Hashes (such as these) are *designed* for turning large numbers of bits
into smaller numbers of bits.

-- A lot of the truths we cling to depend greatly on our own point of view. -- Obi Wan Kenobi
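
An added example, not part of the original message: the two points in the reply above (duplicate outputs can occur even when the input is no longer than the output, and guessing an input for a given hash costs roughly as many tries as there are possible outputs) shown on MD5 cut down to a few bits so the numbers are small enough to observe. The truncation, the function names `md5_trunc`, `image_coverage` and `find_preimage`, and the sample string are assumptions made for this illustration.

```python
import hashlib
from itertools import count


def md5_trunc(data: bytes, bits: int) -> int:
    """Top `bits` bits of MD5(data): a toy hash with a small output space."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def image_coverage(bits: int) -> tuple[int, int]:
    """Hash every possible `bits`-bit input once.

    Returns (distinct outputs seen, size of the output space). A perfect
    one-to-one mapping would make the two numbers equal.
    """
    nbytes = (bits + 7) // 8
    seen = {md5_trunc(i.to_bytes(nbytes, "big"), bits) for i in range(1 << bits)}
    return len(seen), 1 << bits


def find_preimage(target: int, bits: int) -> tuple[bytes, int]:
    """Guess inputs "1", "2", ... until one hashes to `target`.

    Returns (matching input, number of guesses made).
    """
    for tries in count(1):
        candidate = str(tries).encode()
        if md5_trunc(candidate, bits) == target:
            return candidate, tries


if __name__ == "__main__":
    distinct, total = image_coverage(16)
    print(f"16-bit inputs -> 16-bit outputs: {distinct} of {total} values hit, "
          f"so {total - distinct} inputs duplicate an earlier output")

    # Constructed sample input; only its truncated hash is given to the search.
    secret = b"constructed sample password"
    for bits in (8, 12, 16, 20):
        found, tries = find_preimage(md5_trunc(secret, bits), bits)
        print(f"{bits:2d}-bit target: matched by {found!r} after {tries} guesses "
              f"(output space 2^{bits} = {1 << bits})")
```

Each extra output bit doubles the expected number of guesses, which is why the same search against the full 128 bits is out of reach even though duplicates are guaranteed to exist.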