Re: MD5 Alive?



On Aug 22, 7:53 am, "Sebastian G." <se...@xxxxxxxxx> wrote:
Ertugrul Soeylemez wrote:
MD5does not, and in fact cannot, guarantee uniqueness. If, like stated
above,MD5with the same input space as output space is a bijection,
then it does guarantee uniqueness for inputs of exactly 128 bits, but we
don't know that even for the originalMD5.

Actually we should assume quite the contrary: IfMD5is a pseudorandom
function, than it's a pseudorandom mapping and therefore about 1/e of all
outputs will not occur, and about the same number will be collisions.

Thanks for the feedback. I figured monkeying around with the internals
of MD5 would not help me.

However, some alarming points were brought up and I wouldn't mind
clarification on them.

It sounds like I got a big NO to my 25 times, split, 25 more times. As
in this is NOT making MD5 any more secure and in fact might be making
it less secure.

Running the Digest on itself say upwards of 1000 times is -- in the
circles that I've been in kind of an accepted thing to do.

For example if I take "abc" and run MD5 on it, take the answer run MD5
on that, and do so a 1000 more times what I get is no more secure then
if I ran it once?

If I'm reading correctly it even sounds that what I get utlimately at
the end of 1000 times might be the same as if it had been done with
"xyz" 1000 times?

Is this true?

.



Relevant Pages

  • Re: MD5 Alive?
    ... above,MD5with the same input space as output space is a bijection, ... then it does guarantee uniqueness for inputs of exactly 128 bits, ... MD5 is a cryptographic hash. ... in this is NOT making MD5 any more secure and in fact might be making ...
    (alt.computer.security)
  • Re: MD5 Alive?
    ... above, MD5 with the same input space as output space is a bijection, ... don't know that even for the original MD5. ... Actually we should assume quite the contrary: If MD5 is a pseudorandom function, than it's a pseudorandom mapping and therefore about 1/e of all outputs will not occur, and about the same number will be collisions. ...
    (alt.computer.security)
  • Re: MD5 Alive?
    ... MD5 with the same input space as output space is a ... but we don't know that even for the original MD5. ...
    (alt.computer.security)
  • Re: Encrypting /etc on Linux
    ... > as effective regardless of the algorithm used. ... but MD5 will fall as computers get faster. ... but doesn't help for local logins. ... Well if the OP wants secure logins but can't gurantee secure /etc ...
    (comp.security.unix)
  • Re: Mandrake 2009
    ... password scheme tcb-- whose only purpose seems to be complicating life and ... Also /etc/shadow does NOT use md5 and their alternatives are almost ... certainly less secure. ...
    (alt.os.linux)