Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:20087 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 74670 invoked by uid 1010); 17 Nov 2005 00:28:54 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 74655 invoked from network); 17 Nov 2005 00:28:54 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 17 Nov 2005 00:28:54 -0000 X-Host-Fingerprint: 69.12.155.130 69-12-155-130.dsl.static.sonic.net Linux 2.4/2.6 Received: from ([69.12.155.130:4305] helo=pigeon.alphaweb.net) by pb1.pair.com (ecelerity 2.0 beta r(6323M)) with SMTP id 86/CD-07637-6CECB734 for ; Wed, 16 Nov 2005 19:28:54 -0500 Received: from localhost ([127.0.0.1] helo=peiscg33m) by pigeon.alphaweb.net with smtp (Exim 4.10) id 1EcWry-0004pB-00; Wed, 16 Nov 2005 15:39:14 -0800 Message-ID: <013a01c5eb0d$e1b8bd10$5c8be5a9@ohr.berkeley.edu> Reply-To: "Sara Golemon" To: "Jacques Marneweck" Cc: References: <20051115221143.GA28082@hardened-php.net> <437B08C8.20804@iamjochem.com> <437B0C46.3080809@php.net> <75.66.07637.9497B734@pb1.pair.com> <437B7B73.602@prohost.org> <0C.77.07637.85C7B734@pb1.pair.com> <003b01c5eae0$7235ceb0$5c8be5a9@ohr.berkeley.edu> <437BC4B6.8000401@powertrip.co.za> Date: Wed, 16 Nov 2005 16:28:49 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1506 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506 Subject: Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support From: pollita@php.net ("Sara Golemon") > > Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or > > even significantly weak when used properly > > > Also there are sites hosting md5 hashes and the equivalent text for > password cracking. > This is exactly what I meant by "used properly" the problem you're describing becomes significantly less prone to cracking attempts when simply paired with a key. -Sara