Newsgroups: php.internals
To: internals@lists.php.net
Date: Fri, 18 Nov 2005 11:13:00 +0200
Subject: Re: [PHP-DEV] PHP 5.1.0 - sha256() and sha256_file() support
From: ants.aasma@mig.ee (Ants Aasma)

Roman Ivanov wrote:
> Ilia Alshanetsky wrote:
>
>> You cannot give it
>> an md5 and have it generate you a string with the same md5 hash, so md5
>> is still relatively safe.
>
>
> http://www.google.com/search?q=md5+hash+lookup&start=0&start=0&ie=utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official
>

I'd take that link with a grain of salt. :) Dictionary attack is dangerous regardless of which hash function you use. That is when you don't use a salt. But md5 safeness depends on the purpose. Its use as a one way function hasn't been compromised (yet), but the ability to generate collisions means that it cannot be used to generate a fingerprint to detect malicious tampering.

In my country we have legally binding digital signatures that currently use sha-1 to generate the fingerprint to sign and the weakening of sha-1's collision generation resistance is a bit unnerving. Fortunately the attacks are still too expensive to be useful, but I'm currently lobbying to have better hashes implemented.

It would be nice to have the default PHP install be able to at least verify digitally signed files.

Ants Aasma
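
The point about salts in the message above, as an added example that is not part of the original post: a precomputed lookup table matches an unsalted digest whether it is MD5 or SHA-256, and stops matching once a per-record random salt is mixed in. The wordlist, sample password and function names are constructed for illustration, and the code uses `hash()` from PHP's hash extension rather than the `sha256()` function proposed in this thread.

```php
<?php
// Constructed sample data: a tiny wordlist standing in for a public hash-lookup database.
$wordlist = ['letmein', 'password', 'qwerty', 'dragon'];

// Precompute digest => plaintext once; every unsalted digest of these words is then a lookup.
function build_lookup(array $words, string $algo): array
{
    $table = [];
    foreach ($words as $word) {
        $table[hash($algo, $word)] = $word;
    }
    return $table;
}

// Store a fresh random salt next to the digest of salt . password.
function salted_record(string $password, string $algo): array
{
    $salt = bin2hex(random_bytes(16));
    return ['salt' => $salt, 'digest' => hash($algo, $salt . $password)];
}

// Recompute with the stored salt and compare in constant time.
function check_password(string $candidate, array $record, string $algo): bool
{
    return hash_equals($record['digest'], hash($algo, $record['salt'] . $candidate));
}

foreach (['md5', 'sha256'] as $algo) {
    $table = build_lookup($wordlist, $algo);

    // Unsalted: the stored value is in the table whichever hash function produced it.
    $unsalted = hash($algo, 'password');
    printf("%-6s unsalted in table: %s\n", $algo, isset($table[$unsalted]) ? 'yes' : 'no');

    // Salted: two accounts with the same password get different digests,
    // neither appears in the table, and verification still works.
    $alice = salted_record('password', $algo);
    $bob   = salted_record('password', $algo);
    printf("%-6s salted in table:   %s\n", $algo, isset($table[$alice['digest']]) ? 'yes' : 'no');
    printf("%-6s same digest twice: %s\n", $algo, $alice['digest'] === $bob['digest'] ? 'yes' : 'no');
    printf("%-6s verifies:          %s\n", $algo, check_password('password', $alice, $algo) ? 'yes' : 'no');
}
```

A salt removes only the precomputation shortcut, so password storage in later PHP versions goes through `password_hash()` and `password_verify()`, which pair a per-password salt with a deliberately slow algorithm.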