The encryption thread



yod
26th May 2008, 11:26
The site will still have to decipher them to display them to the user; replicating that functionality is pretty trivial :yes:

???

Decipher MD5??

good luck with that

jrandom
27th May 2008, 08:22
Decipher MD5??

MD5's a hash function (http://en.wikipedia.org/wiki/Cryptographic_hash_function), not a block encryption algorithm (http://en.wikipedia.org/wiki/Block_cipher).


good luck with that

MD5's been effectively broken (http://en.wikipedia.org/wiki/MD5) for some time - it only takes a couple of minutes to generate a collision these days. It's no longer considered suitable for security-sensitive implementations.

yod
27th May 2008, 08:49
MD5's a hash function (http://en.wikipedia.org/wiki/Cryptographic_hash_function), not a block encryption algorithm (http://en.wikipedia.org/wiki/Block_cipher).



MD5's been effectively broken (http://en.wikipedia.org/wiki/MD5) for some time - it only takes a couple of minutes to generate a collision these days. It's no longer considered suitable for security-sensitive implementations.

Yeah.... I know mate...... but for the sake of discussion I didn't see the point in splitting hairs - for the layman, MD5 can be considered encryption - it is, after all, altering the original data to disguise its content, which is the fundamental concept behind any encryption.

And it is standard practice to include a salt when using MD5 these days - "if passwords are combined with a salt before the MD5 digest is generated, rainbow tables become much less useful".

Perhaps if we were talking about a WIS for a bank, a salt + MD5 implementation would not be ideal, but for this site I would suggest it's quite sufficient.
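As an added illustration of the salting point above (this is example code written for this page, not code from the thread or from the site being discussed), the script below stores the same weak password for two accounts first as a plain MD5 digest and then as MD5 over a per-user salt, and runs the attacker's side of both cases. The five-word password list and the two fixed salts are constructed for the example; a real site would draw each salt from `os.urandom`, as `new_salt()` does.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist: the kind of list an attacker hashes once and reuses.
COMMON_PASSWORDS = ["password", "123456", "letmein", "qwerty", "dragon"]


def unsalted_hash(password: str) -> str:
    """Plain MD5 of the password: identical passwords give identical digests."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """MD5 over salt || password: the salt makes the digest per-user."""
    return hashlib.md5(salt + password.encode("utf-8")).hexdigest()


def new_salt() -> bytes:
    """A fresh random 16-byte salt per account, stored beside the hash."""
    return os.urandom(16)


def build_lookup_table(wordlist):
    """digest -> password table computed once, ahead of time; the idea behind a rainbow table."""
    return {unsalted_hash(p): p for p in wordlist}


def crack_with_table(stored_hex: str, table: dict):
    """Offline lookup: one dictionary probe per hash, no hashing at attack time."""
    return table.get(stored_hex)


def crack_salted(stored_hex: str, salt: bytes, wordlist):
    """With a salt the table is useless; every candidate must be rehashed for this one user."""
    for candidate in wordlist:
        if hmac.compare_digest(salted_hash(candidate, salt), stored_hex):
            return candidate
    return None


def demo(password: str = "letmein"):
    """Two accounts with the same weak password, stored unsalted and then salted."""
    table = build_lookup_table(COMMON_PASSWORDS)

    # Fixed constructed salts so the run is reproducible; use new_salt() for real accounts.
    salt_a = bytes.fromhex("00112233445566778899aabbccddeeff")
    salt_b = bytes.fromhex("ffeeddccbbaa99887766554433221100")

    unsalted = [unsalted_hash(password), unsalted_hash(password)]
    salted = [salted_hash(password, salt_a), salted_hash(password, salt_b)]

    return {
        # Unsalted: both rows are identical and the precomputed table cracks each instantly.
        "unsalted_identical": unsalted[0] == unsalted[1],
        "unsalted_cracked": [crack_with_table(h, table) for h in unsalted],
        # Salted: the rows differ even though the password is the same...
        "salted_identical": salted[0] == salted[1],
        # ...and the precomputed table finds nothing...
        "salted_table_hits": [crack_with_table(h, table) for h in salted],
        # ...but a per-user dictionary run still recovers a weak password.
        "salted_cracked": [
            crack_salted(salted[0], salt_a, COMMON_PASSWORDS),
            crack_salted(salted[1], salt_b, COMMON_PASSWORDS),
        ],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The output makes the trade-off concrete: the salt stops an attacker from reusing one precomputed table across every account (and hides that two users share a password), but it does not stop a per-user dictionary run against a weak password; the attacker just has to pay the hashing cost once per account instead of once overall. The same `salt || password` construction works unchanged with any other function in `hashlib`.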

jrandom
27th May 2008, 10:03
standard practice to include a salt...

That prevents dictionary attacks that recover the original password (for whatever that'd be worth) but does nothing to reduce MD5's vulnerability to collisions. Salting is a valid technique to guard against exploitation of weak passwords when using an unbroken hash algorithm.

In other words, if you store passwords as MD5 hashes, salt or no salt, and I get hold of one of those hashes, I can quickly come up with another password that generates the same hash value, and then happily log on to the account in question.

Which obviates the purpose of storing passwords as hashes in the first place.

Anyway, I drew the block/hash distinction because folk were speaking of MD5 being used to encrypt messages, which wouldn't be possible. Hash functions are used to identify, not to encipher.

[image: http://imgs.xkcd.com/comics/duty_calls.png]

yod
27th May 2008, 10:33
That prevents dictionary attacks that recover the original password (for whatever that'd be worth) but does nothing to reduce MD5's vulnerability to collisions. Salting is a valid technique to guard against exploitation of weak passwords when using an unbroken hash algorithm.

In other words, if you store passwords as MD5 hashes, salt or no salt, and I get hold of one of those hashes, I can quickly come up with another password that generates the same hash value, and then happily log on to the account in question.

Which obviates the purpose of storing passwords as hashes in the first place.

Anyway, I drew the block/hash distinction because folk were speaking of MD5 being used to encrypt messages, which wouldn't be possible. Hash functions are used to identify, not to encipher.

... snip pic out ...

Actually I only mentioned MD5 as an example - I never suggested it would be used for anything other than password hashing/encryption.

It was then taken out of context and here we are :zzzz:


[image: http://www.uchsc.edu/gs/bnat/img/pedant2.jpg]

jrandom
27th May 2008, 12:25
Actually I only mentioned MD5 as an example - I never suggested it would be used for anything other than password hashing/encryption.

Perhaps not, but you did imply ignorance of the fact that it's crackable, so in best KB pedantrist tradition, I thought I'd barge in with a healthy serving of entirely unnecessary detail.

:niceone:

Morcs
27th May 2008, 12:47
BLAH BLAH BLAH

Are you guys talking about porn in a secret code or something?

Disco Dan
27th May 2008, 12:51
BLAH BLAH BLAH

Are you guys talking about porn in a secret code or something?

Porn? Nah, someone mentioned hash so I reckon it's drugs.

Mikkel
27th May 2008, 12:53
How about quantum cryptography? :whistle:

Disco Dan
27th May 2008, 13:09
How about quantum cryptography? :whistle:

Or analysis on how such a small stool can support such a huge arse?

Colapop
27th May 2008, 13:13
HggtuGY55.mk.kkhg*goto YHk58

nodrog
27th May 2008, 13:34
0110011101100101011001010110101101110011

yod
27th May 2008, 13:37
I thought I'd barge in with a healthy serving of entirely unnecessary detail.

:niceone:

really? I hadn't noticed.....

:girlfight:

tri boy
27th May 2008, 13:40
Arrrgh, :crazy: Nerds, begone from this world :bash:
You have been good slaves to mankind, but it's time you all took a hike.
(Actually, I'm just jealous that it's all above my feeble ability to understand.)

RantyDave
27th May 2008, 13:40
for the layman, MD5 can be considered encryption
A layman's concept of encryption includes being able to get the data back out again. Usually using a hot chick in a darkened room and a pile of numbers that whizz over until (one by one) they settle on the secret combination. You can't get the data back out of MD5.

Dave

yod
27th May 2008, 14:02
Really? Have you asked all the laymen?

imdying
27th May 2008, 18:08
As the others have alluded to, I'm not sure what the relevance of MD5 was to the original discussion.

Bottom line is, even if PMs were encrypted in the database, anyone with server access would find it a trivial matter to decrypt and read them. Well, anyone with half a brain, which presumably, given they have that sort of access, they do.

limbimtimwim
27th May 2008, 19:14
If you wanted to keep a PM very private you could just share public keys and PGP* it. You could even put your public key in your signature.

But you may as well just start a new thread, since that is just as safe.

Or just meet the person face to face in the middle of the ocean in a dinghy. That's my preference. Nothing like a clandestine dinghy rendezvous.

*Or some other public key encryption system.

phaedrus
27th May 2008, 20:40
The problem with using PGP, GPG etc. is getting other people to use it. Especially when things 'just work' without the extra hassle. It's bad enough getting people to send stuff in formats you can read reliably.