|
|
27-01-2007, 04:05 PM
|
#11 | |
|
ƒ(ψ)=ΘΊΧφ
 
Join Date: May 2006
Location: India
Age: 22
Posts: 5,029
Thanks: 12
Thanked 392 Times in 362 Posts
Rep Power: 69
   |
Re: What's a MD5 hash???
Quote:
MD5CRK
__________________
Please don't click here |
|
|
|
|
27-01-2007, 04:30 PM
|
#12 |
|
Junior Member (25+)
Join Date: Oct 2006
Posts: 48
Thanks: 20
Thanked 5 Times in 4 Posts
Rep Power: 0
 |
The MD5 calculator can indeed be tricked, but not 'with a little work'.
What ZyanWu is suggesting is notionally something like this real file: ------ some innocent code----- Trojan: ------ Destructive code ------ some garbage that makes the MD5 come out right---- The problem is computing the value of the garbage. This is the same problem as the problem of taking the public PGP key and a file encoded with it and extracting the private key. A proof exists that the quickest way to compute this is to try all the private keys one at a time. For a 128 bit key, you can do this, if you have a warehouse full of supercomputers sitting around idle. There is a controversy about MD5 - somebody finally found a way to do it with some faster (but still slow) method. MD5 - Wikipedia, the free encyclopedia So it's no longer secure. so this algorithm is not preferred these days, SHA-5 is preferred. But it definitely was NOT 'a little work' to come up with. Oops... brain getting old and crudded up. Meant SHA-2, not SHA-5 (SHA-1 has been compromised). SHA-1 is the basis of PGP. Yes, that means PGP is compromised (which I didn't know - thanks, guys!) If you reaaallly need security, I'm afraid you'll have to use one time pad. Please be careful using that from the US, that's a good way to get a visit to Guantanamo. P.G.P. words: L. Fish (c)12/18/93 tune: ditto The G-men all are cryin' And tearin' out their hair, 'Cause there's a new cryptography That's shown up everywhere. Nobody can break it, However good they be. Everybody's PC got the PGP. It guarantees who's callin' And just who gets the call. If you ain't got your code-word, You can't get in at all. Oh, there ain't nothin' like it To keep your privacy. Half the world's computers got the PGP. There's not a way to crack it, Not in a hundred years. All the spooks & wiretappers Are cryin' in their beers. They can't spy on E-mail Here or oversea When every home computer's got the PGP. Bless the man who made it, And pray that he ain't dead. He could've made a million If he'd sold it to the feds, But he was hot for freedom; He gave it out for free. Now every common citizen's got PGP. So go say what you want to, Of love or war or hate, Kinky sex, or dirty words, Or overthrow the state. Nobody can stop you. Speech is really free When everybody's PC got the PGP. Last edited by bakuryu; 27-01-2007 at 04:48 PM. |
|
|
|
27-01-2007, 04:55 PM
|
#13 |
|
Junior Member (25+)
Join Date: Oct 2006
Posts: 48
Thanks: 20
Thanked 5 Times in 4 Posts
Rep Power: 0
|
Re: What's a MD5 hash???
In researching this thread I came across this discussion of the political impact of this whole issue of 'a little work' by the guy who wrote PGP.
I'd encourage every person on this board to read it, and start transmitting routine email to each other in encrypted form. http://www.philzimmermann.com/EN/ess...IWrotePGP.html |
|
|
|
| Thanked Users: | Strider (27-01-2007) |
|
27-01-2007, 05:03 PM
|
#14 |
|
Founder
 
Join Date: Nov 2005
Location: The Last City Zion!
Posts: 2,684
Thanks: 228
Thanked 230 Times in 191 Posts
Rep Power: 53
|
Re: What's a MD5 hash???
It's an impressive article. Kudos to Mr. Zimmermann
|
|
|
|
|
27-01-2007, 05:17 PM
|
#15 |
|
Junior Member (25+)
Join Date: Oct 2006
Posts: 48
Thanks: 20
Thanked 5 Times in 4 Posts
Rep Power: 0
|
Re: What's a MD5 hash???
Phil Zimmerman is one of the grand old heads of computing.
If somebody who has enjoyed this thread knows HTML and CSS and wants an incredible opportunity, they should take him up on OpenPGP.org - The OpenPGP Alliance Home Page his request for a volunteer to maintain the openpgp website. |
|
|
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
