RC4 Encryption Security
Re: RC4 Encryption Security
What is the benefit of hashing multiple times? Just hashing once with a sufficiently long salt should be enough to make such rainbow tables useless.
quidquid Latine dictum sit altum videtur
Re: RC4 Encryption Security
well, its kind of a trend nowadays. i already saw a server once, re-hashing its passwords up to 1000(!) times, before storing them in a database, which is of course a total overkill but oh well. 
its just part of the "algorithm" and not only meant to avoid rainbow tables, but to create confusion.
but yes, you are basically right.
c ya,
nco2k
its just part of the "algorithm" and not only meant to avoid rainbow tables, but to create confusion.
but yes, you are basically right.
c ya,
nco2k
If OSVersion() = #PB_OS_Windows_ME : End : EndIf
Re: RC4 Encryption Security
You know the old saying: "if one hash is good, 1000 must be better" 
quidquid Latine dictum sit altum videtur
Re: RC4 Encryption Security
didnt heard that one before, but i guess they did.
c ya,
nco2k
c ya,
nco2k
If OSVersion() = #PB_OS_Windows_ME : End : EndIf
-
Little John
- Addict
- Posts: 4791
- Joined: Thu Jun 07, 2007 3:25 pm
- Location: Berlin, Germany
Re: RC4 Encryption Security
Hi freak,freak wrote:Btw, the flaws in MD5 (and also similar ones in SHA-1) only concern things like digital signing of documents, where the attacker wants to specifically generate two documents with different content but the same hash. Then if he gets one of them digitally signed, the signature will also be valid for his other document. For this there are very fast algorithms today, making MD5 useless for digital signing.
this sounds very interesting. What algorithm (to be implemented in PB, of course) do you recommend for digital signing of documents?
Regards, Little John
Re: RC4 Encryption Security
Sorry, i don't have much knowledge in that area.
quidquid Latine dictum sit altum videtur