[plug] ANNOUNCE: Tuesday will be at Fast Eddies, feature PHP demo

Mike Holland myk at golden.wattle.id.au
Mon May 10 15:46:11 WST 1999


On Mon, 10 May 1999, Christian wrote:

> MD5 isn't a form of encryption - just in case there's any confusion. 
> It's a cryptographic checksum (aka "message digest") algorithm.
 
> Basically it's a number which "represents" (supposedly uniquely) in some
> way the data it was originally fed.  Given a piece of data it is
> therefore possible to generate a cryptographic hash however the function
> is supposedly irreversible so that the original data cannot be
> calculated in any way from the hash.

It's quite impossible, but that applies to _any_ checksum. Otherwise it
would be a compression algorithm!

  The point of md5 is not related to reversing, it is that it is very
hard to forge a document which produces a given md5 sum.
It is impossible for a small checksum to be unique to a large input
message, but _finding_ the alternatives is not practically achievable.

> behaviour, I know MD5 is used in some implementations (eg NetBSD) to
> avoid those ridiculous US restrictions on cryptography export.  Out of
> interest, does anyone know what Linux uses?

AFAIK, it did once use the traditional Unix crypt, which is DES based.
The source code may not have been in standard distros, but was easy
to find.
  But my RH5.2 uses PAM, which I think uses MD5.

> Hmmm... that might have just been Crypto 102. ;-)

102.1 and counting


Mike Holland <mike at golden.wattle.id.au>            Perth, Australia.
                          --==--
Any sufficiently advanced bug is indistinguishable from a feature.
                -- Rich Kulawiec
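
Added example, not part of the original message: a Python sketch of the point made above that a short checksum cannot be unique to its input, while finding an alternative message takes work that grows with the length of the sum. MD5 is truncated to a few bits here so the search finishes; the truncation, the function names and the sample messages are assumptions made for the illustration.

```python
import hashlib
from itertools import count


def md5_prefix(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of the MD5 sum of `data` as an integer."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def pigeonhole_collision(bits: int):
    """Hash 2**bits + 1 distinct messages into 2**bits possible sums.

    At least two of them must share a sum; return the first such pair.
    """
    seen = {}
    for n in range(2 ** bits + 1):
        msg = b"message %d" % n          # constructed sample input
        s = md5_prefix(msg, bits)
        if s in seen:
            return seen[s], msg
        seen[s] = msg
    raise AssertionError("unreachable: more messages than possible sums")


def find_alternative(target: bytes, bits: int):
    """Search for a different message with the same truncated sum as `target`.

    Returns (message, attempts). Expected attempts are about 2**bits, so each
    extra bit of checksum doubles the work.
    """
    want = md5_prefix(target, bits)
    for attempts in count(1):
        candidate = b"alternative document %d" % attempts  # constructed
        if candidate != target and md5_prefix(candidate, bits) == want:
            return candidate, attempts


if __name__ == "__main__":
    original = b"the original document"  # constructed sample input
    a, b = pigeonhole_collision(8)
    print("8-bit sums, two messages with the same sum:", a, b)
    for bits in (8, 12, 16):
        alt, attempts = find_alternative(original, bits)
        print(f"{bits:2d}-bit sum matched after {attempts} attempts "
              f"(2**{bits} = {2 ** bits})")
    print("the full 128-bit sum would need on the order of 2**128 attempts")
```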


