Topic: What is the point of MD5?

[rv20]

This is a bit off topic but, i downloaded an "md5 bruter" cracker, just for learning purposes.

Anyway, i set a character set of [a-z][A-Z][0-9] and 3 more symbols :_- i then generated an md5 for a 12 character password in php md5("passpasspass") etc  and fed that md5 into the cracker now the cracker tells me that this will take about 32,000 years to crack.   How long do you think it would take if you hooked up say 10 supercomputers and coded the cracker in assembler?

[MadTechie]

You might as well use 1000 PS3 it would probably be quicker, super computers are good for heavy calculations but the playstation 3 was designed to do simple calculations quickly, no matter how you do it, you still have the getting the HASH & salt problem

[Daniel0]

I think 1000 PS3s would be regarded as a supercomputer by most computer scientists. In this article they refer to a cluster of eight PS3s as a small supercomputer.

[MadTechie]

Cool and add this article

With about 200 PlayStation 3 (PS3) farm (its Cell processor is popular with code breakers because it is good at performing cryptographic functions)

and we have some good cracking options

[waynewex]

If an attacker can read your md5 password hashes, encryption strength would be the least of your worries.

[N-Bomb(Nerd)]

As extreme as this sounds, would something like the following work?

Get a domain and some hosting on a different box, then creating only one script (the hashing script) on that hosting for maximum security purposes. Then sending whatever you want to that script that you want hashed and it will only output the hashed version of whatever you sent to it. Then of course reading the source of the output of the script would contain your hashed string without the actual hashing method on the local box. Therefore if you do get hacked or something happens then nobody knows exactly how you've came up with your hashing method. What's a few extra bucks for the safety of your members? 

Yeah, I might be extremely tired at the moment.. but it honestly sounded like a good idea like 20 minutes ago on the shitter.

[Daniel0]

No, because obscurity is not security.

[GingerRobot]

Ok, if you're uncertain on how to securely encrypt a password that cannot easily be brute-forced, you could try something like this:

Code: [Select]

<?php
function md5_me($input){
$salt = "cheeseburgerinparadise";
$pass = md5($input.$salt);
$pass = str_ireplace(array("a","c","e"),"",$pass);
return md5($pass);
}
?>
What this does is it takes the users password, adds a salt to the end, MD5 encrypts it, strips out all instances of "a","c", and "e", then MD5 encrypts what is left.

There is no perfect solution, but if you must be paranoid with encryption methods, this should make you feel better. If someone gets the MD5 string, and brute-force decrypts it, all they will have is a partial MD5 of the salted password.

Yup that is prety good, would take some mathematics to crack that if at all possible.

You really are missing the point of hasing. Hashing is a one-way process. It cannot be 'cracked'. Yes, you can use rainbow tables. Yes, you can analyse the algorithm in order to increase the chances of collisions. No, you cannot reverse it.

For example, if i tell you a number is 6 mod 7, what was the original number? You can't tell me. You can tell me an infinite amount of numbers that are also 6 mod 7, but you cannot guarantee that you're telling me my original number. Therefore, you cannot reverse it. While this is an extremely simple example, it should illustrate the point.

[Daniel0]

Another way that you could say it is that the cardinality of the domain is infinite, but the cardinality of the range if finite. MD5 will always output a 32 digit hexadecimal number. There are 16 different hexadecimal digits, so that means 16³²≈8.7*10⁴⁰ distinct outputs. It's a lot, but clearly much lower than the infinite number of possible inputs. Incidentally it also means that there is a fixed upper limit on the number of checks you have to perform before you will get a match*.

You say that if x₁ ≠ x₂ and f is a hashing function then if f(x₁)=f(x₂) you have a hash collision. There is an infinite number of hash collisions. As GingerRobot said, this means you cannot reverse it. However, in terms of checking the hash of an entered password with the stored hash of the real password, it is irrelevant whether or not you can reverse it because one of the colliding inputs will also match and log you in. This is also why doing things like md5(md5()) is a bad idea. Doing that you are drastically decreasing both the final domain and range and thus increasing the chance of a hash collision.


* I'm not 100% sure this last statement is true.

[aschk]

Here's what I would do.
1) Use SHA1 not MD5 firstly.
2) Use salts.
3) If you're providing login facilities, then also provide a limited number of access attempts, before locking out the account (e.g. 3).

Thus, if you have a lockout time of say 30 minutes for every 3 attempts, you adding a HUGE amount of time to any possible crack. Also, it would be a good idea to log the offending attempts with IP address so you can backtrace any potential threats to their source and implements IP banning on top if you see patterns of attempts from the same IP.

[Daniel0]

Thus, if you have a lockout time of say 30 minutes for every 3 attempts, you adding a HUGE amount of time to any possible crack.

Assuming the brute forcing is made using your login form in which case the choice of hashing algorithm and the usage of salts is actually irrelevant. If they get the hash the lockout is irrelevant, but the choice of hashing algorithm and salting isn't. Either way, a lockout mechanism is obviously a good idea.

That being said, I use SHA-256 or SHA-512.

[rv20]

Ok, if you're uncertain on how to securely encrypt a password that cannot easily be brute-forced, you could try something like this:

Code: [Select]

<?php
function md5_me($input){
$salt = "cheeseburgerinparadise";
$pass = md5($input.$salt);
$pass = str_ireplace(array("a","c","e"),"",$pass);
return md5($pass);
}
?>
What this does is it takes the users password, adds a salt to the end, MD5 encrypts it, strips out all instances of "a","c", and "e", then MD5 encrypts what is left.

There is no perfect solution, but if you must be paranoid with encryption methods, this should make you feel better. If someone gets the MD5 string, and brute-force decrypts it, all they will have is a partial MD5 of the salted password.

Yup that is prety good, would take some mathematics to crack that if at all possible.

You really are missing the point of hasing. Hashing is a one-way process. It cannot be 'cracked'. Yes, you can use rainbow tables. Yes, you can analyse the algorithm in order to increase the chances of collisions. No, you cannot reverse it.

For example, if i tell you a number is 6 mod 7, what was the original number? You can't tell me. You can tell me an infinite amount of numbers that are also 6 mod 7, but you cannot guarantee that you're telling me my original number. Therefore, you cannot reverse it. While this is an extremely simple example, it should illustrate the point.

NO am i not missing the point of hashing, for a single pass of md5 this simple brute forcer takes a matter of minutes to crack a 6 character password with [a-z][A-Z][0-9],

http://eternalrise.com/blog/brute-force-php-script/

I haven't tried a 7 letter password the time taken usually goes up,  i would guess exponentially.   And then yes rainbow tables, they store every possible hash you can get or something along those lines, with databse base searching this can be pretty fast to crack a password.

So that leaves you with md5 combination like md5(md5) or adding salt, now after a quick google i see plenty of applications which claim they can crack a salted password, i am not going to bother looking into them, but it wouldn't suprise me if someone has worked something out.


So you make out like md5($password) is secure as it is a hash whereas i can crack it in about 1 min. 

[neil.johnson]

Is the project you are working on that big you think that people will actuall spend any amount of time at all trying to crack your hashed/ecrypted passwords? Are you making the next Facebook or Twitter?
Maybe cryptogrophy is just a topic you are interested in. Let me say that you could probably store your passwords in plain text and nobody would even bother attempt to gain access to them. Unless you are working on the next goldmine why would anyone rob a bank that has no money!

[rv20]

Is the project you are working on that big you think that people will actuall spend any amount of time at all trying to crack your hashed/ecrypted passwords? Are you making the next Facebook or Twitter?
Maybe cryptogrophy is just a topic you are interested in. Let me say that you could probably store your passwords in plain text and nobody would even bother attempt to gain access to them. Unless you are working on the next goldmine why would anyone rob a bank that has no money!

I know all this, but the main thing was just suprise, so i had heard how strong and unreversable md5 was and then saw how easy it was to crack so i have to ask what is the point, it is actually easier to crack than some simple 5 line home brew encryption function, but as i now know if you salt it then very difficult.

[discomatt]

I've always liked this method:

Generate random salt ( usually of the same length as the hash )

Chop the password and salt into 2 chunks.

Mix chunks and hash.

Split hash into 2 parts, mix with salt.

You now have the salt stored in plain text, but it's theoretically impossible to extract it from the hash without knowing the chunk sizes and algorithm used. It's a little paranoid, but it's actually a very light script ( php is very quick and string manip ) requiring only 1 hash to check a password.

Salting is VERY VERY important. I would argue a random salt is equally important. You're protecting your viewers passwords they might use elsewhere. Rainbow tables are becoming huge and easy to access.