| From: | "Matthew D(dot) Fuller" <fullermd(at)over-yonder(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Wim Bertels <wim(dot)bertels(at)khleuven(dot)be>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: md5 collision generator |
| Date: | 2005-11-16 17:43:10 |
| Message-ID: | 20051116174309.GK20846@over-yonder.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Wed, Nov 16, 2005 at 10:29:09AM -0500 I heard the voice of
Tom Lane, and lo! it spake thus:
>
> The existence of this algorithm is disturbing, since it implies that
> MD5 is weaker than people thought,
It occurs to me that, controlling everything that would be poking into
that part of the database, it would be possible to store the password
with several DIFFERENT hash algorithms, which would save us in the
future from any of them being easily crackable (or even ALL of them,
unless you can somehow create a collision across them all
simultaneously). It seems that even with 2 or 3 weak hashes, that
might be safer long-term than with just 1 strong hash. I s'pose it
would add a little cost to the connection-establishing process...
--
Matthew Fuller (MF4839) | fullermd(at)over-yonder(dot)net
Systems/Network Administrator | http://www.over-yonder.net/~fullermd/
On the Internet, nobody can hear you scream.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Wim Bertels | 2005-11-16 17:53:28 | Re: md5 collision generator |
| Previous Message | Wim Bertels | 2005-11-16 17:31:02 | Re: md5 collision generator |