Found some interesting websites having attempted to practically hack MD5:
5MB words:
http://www.md5decrypter.com/
7GB words:
http://www.md5decrypter.co.uk/
MD5 will take whatever length of string, and hash it into a 128bit value as "signature" for that string.
Practically, if we store all these 128 bit values, and use it as index to build a database, and item value as the short password, this would take space complexity of:
2^128 = 10^38
which is too large practically, but if we can "hash" it again using the "md5_128bit_value" as the key, and item values as the originally cleartext, then bingo!
Patrick also mentioned that we could first sort these 128 bit key, and then do a binary search for the given query "md5_128bit_value" . But it still takes too much space ...... up to 10^38....
Hmmmm... A lot of forums are using MD5 for encrypting the passwords, it would be wise to test your MD5 value for your password in those MD5 hacker websites before you hand it over to your forum...... like
www.ucbbs.com
No comments:
Post a Comment