

md5 encryption not reliable.





kawkazEE
I've been through an article that says they found a website wherein they can't decrypt your encrypted password using md5. So they advised not to use dictionary words in your passwords. But the good news is other than md5 there is sha1, but I haven't found an article saying that it is not reliable. hehehe
Ducksteina
MD5 is a one-way encryption. There is no way to decrypt it.
BlackSkad
First of all, md5 is a HASH function, not an encryption (http://en.wikipedia.org/wiki/Hash_function), that is used for cryptographic purposes. MD5 cannot be reversed, but still md5 is unreliable. There are some known ways to create the same hash string using another input string. But it still is a lot of work. As far as I know, SHA1 is still very safe to use, but for a normal, small-sized website, md5 will be safe enough as well.
Stubru Freak
They just take the md5 hash of the whole dictionary until they find a match.
Give me the md5 hash of a dictionary word or some random letters (less than 5) and I'll be able to tell you the plaintext.
It however takes 26 times longer for each letter added (52 times if you use upper case too, and 62 times if you use numbers, and a whole lot times more for other characters), so with a password of 10+ characters you will be safe. On a computer that does 5'000'000 hashes per second (mine does 3.6 million), a 10 character password with only lower case letters will take almost a year. A 10 character password, mixed case with numbers about 5000 years. So that's enough protection for a simple password.
rohan2kool
well.. md5() can't be decrypted by any way other than Brute Force, and even that won't be helpful for very large strings, because the problem (in our case, that is the problem.. otherwise that is what it is meant to do) with the md5() decryption is, with smaller strings unique strings have unique md5 hashes, but if you go to see, md5 is a 32-charactered hexadecimal string. So acknowledging that every string has a unique md5 hash, there are only 32^17 in this world i.e 38685626227668133590597632 strings in the world, which just does not seem possible. Hence while encrypting, there are infinite strings giving a common md5 hash, but while decrypting, it is supposed to return only one...

And.. so you don't have to worry about security for small/medium sites. For big giant e-commerce sites like eBay and amazon, it might make a difference.
Kaneda
Quote:
So acknowledging that every string has a unique md5 hash, there are only 32^17 in this world i.e 38685626227668133590597632 strings in the world, which just does not seem possible. Hence while encrypting, there are infinite strings giving a common md5 hash, but while decrypting, it is supposed to return only one...


Not quite right... There are infinite strings giving a common md5 hash, but this is true for any hash. The number of unique MD5 hashes, however, is not 32^17, but rather 16^32 (or 2^128) ~= 3.4 * 10^38.

In another thread, which I can't find now, I did the thought experiment of having a supercomputer which had 10000 dedicated CPUs, which could each do a billion hash computations per second. It would take such a computer about 5.4*10^17 years to use brute force to find a (well chosen) string that results in a given MD5 hash.

(The calculation would be 2^(128-1) / (10,000 * 1,000,000,000) seconds).

That said, there's another weakness in MD5, but it doesn't have anything to do with passwords, but rather (for example) digital signing.

However, yes, some sites store dictionaries of MD5 strings, allowing you to look up the MD5 of common (and some random character strings of short lengths) words. This requires immense amounts of storage space. But this is no different with SHA-1 - it just requires even more space.

As an example, a well-structured (for space) dictionary of the MD5 hashes for 8 character passwords consisting only of lowercase letters and digits, would take up about 30-40GB of disk space (and still take some time to search through for the right one).

Basically, you can split password checks up into different security levels, some of which would be:

- Simply store the password in a database row - giving a hacker every single password with a dump of your database.
- Store the MD5 of the password - giving a hacker every single weak password with a simple dictionary attack.
- Store a salted MD5 - making a dictionary attack pretty much useless.

The way I tend to use for salting is this (actually I use SHA-1 or SHA-256): MD5 a string created from (some variation of): password + MD5(username) + fixed salt.

For example, with the fixed salt "j0/ZnQ;t", the user "bob", and the password "password", you'd get an input string of:

password9f9d51bc70ef21ca5c14f307980a29d8j0/ZnQ;t

Giving the MD5:

8f6826d8bcd4f301b9d0479b7c37b861

... you won't find that in any dictionary. Also, should the hacker get access to the PHP source too (or read this, and be "lucky" that I actually used this scheme and salt), and thus know the salt (and the MD5'ing of the username), it still wouldn't matter much. He'd still need to create a custom dictionary to do an attack on the passwords in the database - a dictionary quite a bit larger than the 30-40GB needed for looking up a weak password - and taking a looooong time to generate (read: he'd be dead before it finished generating).

For more sensitive stuff, you can do even better strengthening (time based etc.)... But at some point you reach a strengthening level that is overkill compared to the bit-size of the hash (then you know it's strong enough).

The bottom line. SHA-1 is almost as prone to dictionary attacks as MD5. If the web developer uses them in the right way, though, it won't make a difference.
kawkazEE
Whoa!!! Thanks for the info, guys. It seems like you know well not much as I do. But I agree with you guys, using a password that's long enough and a combination of letters and numbers will be fine.
Stubru Freak
Kaneda wrote:
...

... you won't find that in any dictionary. Also, should the hacker get access to the PHP source too (or read this, and be "lucky" that I actually used this scheme and salt), and thus know the salt (and the MD5'ing of the username), it still wouldn't matter much. He'd still need to create a custom dictionary to do an attack on the passwords in the database - a dictionary quite a bit larger than the 30-40GB needed for looking up a weak password - and taking a looooong time to generate (read: he'd be dead before it finished generating).


If a hacker knows the scheme and knows the username associated with the password, writing a software application to brute-force dictionary words or passwords with less than 4 characters isn't really hard. If you want to spend your time on it.
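Added example, not part of any post in this thread: Kaneda's salting scheme and the point Stubru Freak makes about it, in PHP, next to PHP's built-in password_hash() (PHP 5.5 and later). The salt, username and password are the sample values from Kaneda's post; the wordlist and the function names are made up for the illustration.

```php
<?php
// Added example, not code from the thread. FIXED_SALT, 'bob' and 'password'
// are the sample values from Kaneda's post; function names are hypothetical.
const FIXED_SALT = 'j0/ZnQ;t';

// Kaneda's scheme: MD5(password + MD5(username) + fixed salt).
function salted_md5(string $user, string $password): string {
    return md5($password . md5($user) . FIXED_SALT);
}

// A precomputed table of plain MD5 hashes, the kind lookup sites store.
function build_table(array $words): array {
    $table = [];
    foreach ($words as $w) {
        $table[md5($w)] = $w;
    }
    return $table;
}

// With scheme, salt and username known, each guess costs one salted MD5.
function guess_salted(string $user, string $stored, array $words): ?string {
    foreach ($words as $w) {
        if (hash_equals($stored, salted_md5($user, $w))) {
            return $w;
        }
    }
    return null;
}

$words = ['letmein', 'password', 'dragon'];   // constructed sample wordlist
$table = build_table($words);

$plain  = md5('password');
$salted = salted_md5('bob', 'password');

// Unsalted hash of a dictionary word: recovered by one table lookup.
var_dump($table[$plain] ?? null);
// Salted hash: the generic table has no entry for it.
var_dump($table[$salted] ?? null);
// A weak password is still found by guessing against this one user.
var_dump(guess_salted('bob', $salted, $words));

// Hardened form: password_hash() generates a random salt per password and
// applies a tunable work factor, so every guess costs far more than one MD5.
$hash = password_hash('password', PASSWORD_DEFAULT);
var_dump(password_verify('password', $hash));
var_dump(password_verify('letmein', $hash));
```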
rohan2kool
oh.. right.. I messed up the calculations a bit.. it was a late night post when half of my brain is shut down. And using brute force to bring down a hash value is nothing but a useless act.
foodman
ok, like it says above, md5 is a one way encryption, and it comes out to be a 32 random character string, something like this

Code:
// Hash the submitted value; '$_POST[password]' in single quotes would hash that literal text
$enc_pass = md5($_POST['password']);
echo $enc_pass;


would come out something like this gsughuosihfdoiahgohagnao

there is no way to decrypt, unless you are very good at that stuff.
Stubru Freak
foodman wrote:
ok, like it says above, md5 is a one way encryption, and it comes out to be a 32 random character string, something like this

Code:
// Hash the submitted value; '$_POST[password]' in single quotes would hash that literal text
$enc_pass = md5($_POST['password']);
echo $enc_pass;


would come out something like this gsughuosihfdoiahgohagnao

there is no way to decrypt, unless you are very good at that stuff.


No, md5 will come out as a big hexadecimal number like this:
375ea627ce60551335750a3b41aaf4d8
As you can see, that's only numbers and a (10), b (11), c (12), d (13), e (14) and f (15).
And it's not that hard to decrypt short passwords.