ENCRYPTION
Posted: Thu Jun 08, 2006 9:10 pm
by tecktalkcm0391
What 'encryption' methods have been cracked?
Re: ENCRYPTION
Posted: Thu Jun 08, 2006 10:39 pm
by Roja
tecktalkcm0391 wrote: What 'encryption' methods have been cracked?
Cracked is imperfect language for cryptology. The terms generally preferred are broken, weakened, or compromised.
Each has its own meaning. First you find flaws in the algorithm - it is weakened below the (expected, published) brute force strength it once had.
Then you find structural problems in the algorithms - allowing you to compromise them, reducing the brute force strength substantially, and in a clear fashion that doesn't rely on hardware choices.
Finally, you break the algorithm. You find a way to (near) instantly decode the encryption. You reduce its strength to a trivial level.
Few algorithms have been truly broken. Plenty have been compromised, or weakened.
However, your poll is also flawed in its selections. MD5 isn't encryption. It's a cryptographic hash. You can't decode an md5sum. You can only predict the correct hash (collision), in a short period of time.
Posted: Fri Jun 09, 2006 4:40 am
by Oren
Well... Currently md5, but not for long. I'll keep using md5, but not as "pure md5". At the beginning I used to use md5 with some kind of salt, but then I got the impression that "pure md5" is secure enough and would do the job - which is obviously wrong. So the next time I code anything that needs to keep some data secured, passwords for a login system for example, I'm going to do a little research and dedicate more thought before I do anything.
Posted: Fri Jun 09, 2006 5:26 am
by Maugrim_The_Reaper
Replace MD5 with SHA256 - you can use either the mcrypt extension, or feyd has a PHP implementation in Code Snippets.
Posted: Fri Jun 09, 2006 5:36 am
by Oren
Yeah, I've read before about this SHA256 on this forum, but can you tell me what it is exactly? What should I do in order to be able to use it?
Thanks.
Posted: Fri Jun 09, 2006 5:48 am
by Maugrim_The_Reaper
It does the same thing (well, not exactly - it's far more secure) as MD5 - creates a hash of any value you pass it.
It's not available as a native PHP function like md5() or sha1() - you need to use the mcrypt library (which must be available on your host) or else a PHP implementation such as feyd's. The mcrypt lib is documented in the PHP Manual - feyd has a write-up of his class's use in the source code header. In both cases it's almost as simple as a straight md5() call... Not much to it - you may just need to make your password database field longer (SHA256 creates a 64 character hash instead of MD5's 32).
See here for feyd's PHP class -
viewtopic.php?t=32334
You use it simply by including the class file and calling
Code:
$hash = SHA256::hash('somestring');
Posted: Fri Jun 09, 2006 5:57 am
by Oren
Ok, thanks. Do you think it's better than md5 + salt and such?
Posted: Fri Jun 09, 2006 5:59 am
by Maugrim_The_Reaper
Using a salt makes it even more secure - but on a number of levels SHA256+salt is far more secure than MD5+salt.
Posted: Fri Jun 09, 2006 6:30 am
by Oren
Maugrim_The_Reaper wrote: on a number of levels SHA256+salt is far more secure than MD5+salt.
Kinda obvious, but why "on a number of levels"? Is there a case where md5 + salt is better? It doesn't make sense to me.
Posted: Fri Jun 09, 2006 11:22 am
by daedalus__
You have to know some serious math to predict md5 collisions, don't you?
Posted: Fri Jun 09, 2006 11:37 am
by jayshields
Or you could just use one of the rainbow tables which have already found hundreds of thousands of collisions.
I chose md5 on the poll, because I still use it, but I use a salt - which I believe to still be secure enough.
Posted: Fri Jun 09, 2006 11:43 am
by daedalus__
Oh.
I was thinking about switching too, but I just use a really long salt.
Posted: Sat Jun 10, 2006 12:47 am
by AGISB
Oren wrote: Maugrim_The_Reaper wrote: on a number of levels SHA256+salt is far more secure than MD5+salt.
Kinda obvious, but why "on a number of levels"? Is there a case where md5 + salt is better? It doesn't make sense to me.
Yes there is: if security is not so important but performance is. md5 is way faster than sha256.
Posted: Sat Jun 10, 2006 5:44 am
by Oren
Read again... We were talking about security, nothing else.

Posted: Sat Jun 10, 2006 11:57 am
by Maugrim_The_Reaper
Is there a case where md5 + salt is better?
None. There are arguments to the contrary but every one of them argues that using a salt makes an MD5 hash impervious - that is simply not true. The salt itself may be compromised in the event a server is hacked, which will compromise the salted MD5 hashes, which will lead to rainbow table lookups which are SIMPLE for MD5. This is the part people fail to see - you don't need a supercomputer to create MD5 collisions!
In all cases SHA256 is significantly more secure. On the other hand MD5 is still "good enough" for some uses, maybe file hash comparison and similar where performance is worth considering, and the risk minute. But for sensitive data hashing it's just not "good enough". If I have your MD5 hash (and optionally a salt if used) I can run all your stored password hashes across a rainbow table and search for collisions. It's as simple as that.
It is highly recommended by myself that you switch to SHA256 if possible. I've recommended the same to dozens of clients over the last two years. Why settle for lower security? It's a no brainer.
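The thread argues about rainbow tables, salts and MD5 versus SHA-256 without showing what actually changes for an attacker. The following is an added example, not code from the thread or from feyd's class: it builds a small precomputed lookup table (a stand-in for a rainbow table) over a constructed word list, runs it against unsalted MD5 and SHA-256 password hashes, then against hashes with a random per-user salt, and finally shows what an attacker who also has the salt must do instead. It uses only PHP's built-in hash() (which has offered 'sha256' natively since PHP 5.1.2, so neither mcrypt nor a userland class is needed) and random_bytes() (PHP 7+); the user names, passwords and word list are constructed for the demo, and the salt-before-password layout is an assumption.

```php
<?php
// Added example (not from the thread). Shows why a precomputed table recovers
// unsalted MD5 and SHA-256 hashes equally well, why a random per-user salt
// defeats that table, and what an attacker who also obtains the salt is left with.
declare(strict_types=1);

// Constructed dictionary an attacker would precompute; real tables are far larger.
const WORDLIST = ['password', 'letmein', 'qwerty', '123456', 'hunter2', 'dragon'];

// Attacker side: precompute hash => password once per algorithm. A real rainbow
// table trades space for time, but the effect on unsalted hashes is the same.
function buildTable(string $algo, array $words): array {
    $table = [];
    foreach ($words as $w) {
        $table[hash($algo, $w)] = $w;
    }
    return $table;
}

// Unsalted storage: identical passwords give identical, precomputable hashes.
function unsaltedHash(string $algo, string $password): string {
    return hash($algo, $password);
}

// Salted storage. Assumption: 16 random bytes per user, hex-encoded, prepended to
// the password and stored in the clear beside the hash (a salt is not a secret).
function newSaltHex(): string {
    return bin2hex(random_bytes(16));
}

function saltedHash(string $algo, string $password, string $saltHex): string {
    return hash($algo, $saltHex . $password);
}

// Attacker with a dump of the users table: one table lookup per row, no hashing.
function crackWithTable(array $table, array $userRows): array {
    $found = [];
    foreach ($userRows as $user => $row) {
        if (isset($table[$row['hash']])) {
            $found[$user] = $table[$row['hash']];
        }
    }
    return $found;
}

// Attacker who also has the salt (it is in the same dump): the precomputed table
// is useless, so the whole word list must be re-hashed for every single user.
function crackWithKnownSalt(string $algo, array $words, array $row): ?string {
    foreach ($words as $w) {
        if (hash_equals($row['hash'], saltedHash($algo, $w, $row['salt']))) {
            return $w;
        }
    }
    return null;
}

foreach (['md5', 'sha256'] as $algo) {
    $table = buildTable($algo, WORDLIST);

    // Two users who chose the same constructed password.
    $unsalted = [
        'alice' => ['hash' => unsaltedHash($algo, 'hunter2')],
        'bob'   => ['hash' => unsaltedHash($algo, 'hunter2')],
    ];
    $salted = [];
    foreach (['alice', 'bob'] as $u) {
        $s = newSaltHex();
        $salted[$u] = ['salt' => $s, 'hash' => saltedHash($algo, 'hunter2', $s)];
    }

    printf("%-6s unsalted, table lookup: %s\n", $algo, json_encode(crackWithTable($table, $unsalted)));
    printf("%-6s salted,   table lookup: %s\n", $algo, json_encode(crackWithTable($table, $salted)));
    printf("%-6s salted hashes differ for the same password: %s\n", $algo,
        $salted['alice']['hash'] !== $salted['bob']['hash'] ? 'yes' : 'no');
    printf("%-6s salted,   per-user dictionary run: alice=%s\n", $algo,
        crackWithKnownSalt($algo, WORDLIST, $salted['alice']) ?? 'not found');
}
```

Run it with `php example.php`. The table lookup succeeds against both unsalted MD5 and unsalted SHA-256 with zero hashing work at attack time; the algorithm choice does not matter there. With a random per-user salt the lookup finds nothing and the two users' hashes differ even though their passwords are equal, so a leaked salt does not bring the precomputed table back; it only forces the attacker to run the dictionary once per user. Both MD5 and SHA-256 are fast enough that such a per-user run over a large word list is still cheap, which is why passwords today are stored with a deliberately slow, salted function such as PHP's password_hash() (bcrypt) rather than any single pass of md5() or hash('sha256', ...).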