|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| ||||||||||||||||||||||||||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
June 2nd, 2009, 05:48 AM
|
|||
|
|||
Isolate MD5's salt, possible?
Hi,
I was wondering and googling and would really appreciate some tips... If person knows the original text/string, knows its "clean" md5, and knows the final md5 of text+salt, it is possible to isolate the string (5-10 chars) used to salt the original message? I.e. get the salt and redo the checksum of a tampered message sent to a third party server. Thanks a bunch! 
|
|
#2
June 19th, 2009, 01:50 PM
|
|||
|
|||
|
I think you're confusing things.
MD5 does not use a salt. It does not stop you adding one to the plaintext. You are talking about finding collisions in MD5. http://en.wikipedia.org/wiki/Md5#Vulnerability Best regards, AstroTux.
|
|
#3
June 19th, 2009, 11:40 PM
|
||||
|
||||
|
In an ideal hash the answer to your question is no, knowing part of the original text and knowing the end hash with and without the salt does not allow you to determine the unknown part of the original text any easier than breaking the hash from knowing only the end hash.
MD5 is not an ideal hash however, so knowing that data may allow you to determine the original plain text more easily - however, you are not going to find a simple formula or algorithm that you can just plug the data into and get a result. It is still going to be mathematically intensive to program such an application, and computationally expensive to run it.
|
|
| Viewing: Dev Shed Forums > System Administration > Security and Cryptography > Isolate MD5's salt, possible? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
