Jump to content


Photo
- - - - -

To MD5 or not to MD5


  • Please log in to reply
14 replies to this topic

#1 XTF

XTF

    IPB Full Member

  • +Clients
  • 117 posts

Posted 26 June 2012 - 11:19 AM

As far as I know, the security of MD5 isn't the best, see http://en.wikipedia.org/wiki/MD5
Wouldn't it make sense to move away from MD5 and use for example SHA1?

#2 Ryan H.

Ryan H.

    Watch how I soar.

  • +Clients
  • 3,032 posts

Posted 26 June 2012 - 11:25 AM

SHA1 is hardly better. bcrypt or an alternative would be optimal, but there are implementation problems that mean it probably won't be happening soon [mostly lack of support and cross-platform compatibility].

If you're interested in a lot of reading, I had a topic on security concerns a couple months ago. It touched on this, among other things. http://community.inv...board-security/

Ryan Hoerr / "No1 1000"

 

IP.Board 3.4 Resources bullet_star.pngbullet_star.pngbullet_star.pngbullet_star.pngbullet_star.png

App Advanced Tags & Prefixes

App Easy Pages

Skin Graphite

Skin Thoreau


#3 XTF

XTF

    IPB Full Member

  • +Clients
  • 117 posts

Posted 26 June 2012 - 12:24 PM

SHA1 is hardly better.

Is it? For strong long passwords it seems much better. For short passwords maybe not so much.

#4 Ryan H.

Ryan H.

    Watch how I soar.

  • +Clients
  • 3,032 posts

Posted 26 June 2012 - 01:36 PM

Is it? For strong long passwords it seems much better. For short passwords maybe not so much.

It suffers from the same fundamental problem that MD5 does, which is that it is a hash function, not a cryptographic method. It is designed to be as fast as possible to calculate, which means that hardware can be optimized to process the hashes extremely quickly--for a modern GPU, hundreds of millions per second. If brute force attacks aren't a concern, the hashing technique is largely irrelevant anyway.

Ryan Hoerr / "No1 1000"

 

IP.Board 3.4 Resources bullet_star.pngbullet_star.pngbullet_star.pngbullet_star.pngbullet_star.png

App Advanced Tags & Prefixes

App Easy Pages

Skin Graphite

Skin Thoreau


#5 bfarber

bfarber

    RBT-KS

  • IPS Management
  • 28,674 posts

Posted 27 June 2012 - 11:46 AM

There are rainbow tables for SHA1, so realistically it would suffer the same side effects (ability to look up a hash, given enough resources) as MD5.

Brandon Farber
Development Manager / Senior Support

If it sounds like fun, it's not allowed on the bus!

php5_zce_logo_new.gif     

Invision Power Services, Inc.


#6 XTF

XTF

    IPB Full Member

  • +Clients
  • 117 posts

Posted 27 June 2012 - 12:09 PM

Don't good salts make rainbow tables useless?

#7 bfarber

bfarber

    RBT-KS

  • IPS Management
  • 28,674 posts

Posted 28 June 2012 - 06:36 AM

Rainbow tables take into account salts now - most have options on the order and how the hashes are computered (salt first - password second, salt first and md5'd - password second and plain text, and so forth).

Brandon Farber
Development Manager / Senior Support

If it sounds like fun, it's not allowed on the bus!

php5_zce_logo_new.gif     

Invision Power Services, Inc.


#8 XTF

XTF

    IPB Full Member

  • +Clients
  • 117 posts

Posted 28 June 2012 - 11:09 AM

Doesn't that only work if your salts are too small? If you've got 64 bit salts it'd require you to compute 2^64 rainbow tables. AFAIK computing one table is kinda expensive already, how are you going to compute 2^64?

#9 euantor

euantor

    IPB Member

  • +Clients
  • 57 posts

Posted 28 June 2012 - 02:34 PM

Given the power of modern machines and the fact you can use your GPU these days to handle tasks like this as well as the CPU, 2^64 really isn't that un-reachable as you might think.

#10 Ryan H.

Ryan H.

    Watch how I soar.

  • +Clients
  • 3,032 posts

Posted 28 June 2012 - 02:55 PM

Given the power of modern machines and the fact you can use your GPU these days to handle tasks like this as well as the CPU, 2^64 really isn't that un-reachable as you might think.

And since in most systems the salt is stored in plaintext with the password, it's often simpler to do away with rainbow tables and just go straight at it with a CPU/GPU.

Ryan Hoerr / "No1 1000"

 

IP.Board 3.4 Resources bullet_star.pngbullet_star.pngbullet_star.pngbullet_star.pngbullet_star.png

App Advanced Tags & Prefixes

App Easy Pages

Skin Graphite

Skin Thoreau


#11 euantor

euantor

    IPB Member

  • +Clients
  • 57 posts

Posted 28 June 2012 - 05:20 PM

And since in most systems the salt is stored in plaintext with the password, it's often simpler to do away with rainbow tables and just go straight at it with a CPU/GPU.


Exactly. A lot of systems are using considerably outdated password storage mechanisms.

#12 XTF

XTF

    IPB Full Member

  • +Clients
  • 117 posts

Posted 29 June 2012 - 02:28 AM

Given the power of modern machines and the fact you can use your GPU these days to handle tasks like this as well as the CPU, 2^64 really isn't that un-reachable as you might think.

Got a reference for that? Note that we're talking about 2^64 rainbow tables, not 2^64 passwords.

And since in most systems the salt is stored in plaintext with the password, it's often simpler to do away with rainbow tables and just go straight at it with a CPU/GPU.

Storing (part of) the salt in a conf file would alleviate that.

#13 euantor

euantor

    IPB Member

  • +Clients
  • 57 posts

Posted 29 June 2012 - 03:35 AM

Got a reference for that? Note that we're talking about 2^64 rainbow tables, not 2^64 passwords.


There are plenty on why MD5 is bad:

http://blog.cloudfla...ying-up-to-date
http://codahale.com/...ore-a-password/

Then there's also sites like this:

http://www.md5-hash....ashing-decrypt/

#14 XTF

XTF

    IPB Full Member

  • +Clients
  • 117 posts

Posted 29 June 2012 - 04:19 AM

There are plenty on why MD5 is bad:

I take it you don't get what we're talking about.

#15 euantor

euantor

    IPB Member

  • +Clients
  • 57 posts

Posted 29 June 2012 - 03:04 PM

I believe I do, though I am new to IPS and may be grasping the wrong end of the stick concerning anything relating to the actual software.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users