Re: Re: method of ID'ing

by ehdonhon (Curate)
on Apr 13, 2002 at 21:29 UTC ([id://158861])


in reply to Re: method of ID'ing
in thread method of ID'ing

Does MD5 have a one to one relationship between the plaintext and the cyphertext? In other words, is it impossible for two different strings to map to the same MD5 string? If not, you might be introducing a potential for collisions by using it.

Replies are listed 'Best First'.
Re: Re: Re: method of ID'ing
by tachyon (Chancellor) on Apr 13, 2002 at 22:11 UTC

    So they say. Check out the unofficial MD5 homepage here or read the full RFC1321

    cheers

    tachyon

    s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

      An MD5 collision is known, for particular values of "known". This is probably not an issue for the average web-based script, though.

        Thanks for the info, certainly news to me!

        SDK rule 1: There is always an unforeseen edge case. According to Sod's law (Sod reckoned Murphy was an optimist) this edge case will of course cause the worst possible problem, which will naturally occur at the worst possible moment and have the most catastrophic effects....am I a jaded cynic?

        The probability appears rather low

        Here is a good link on hashing functions on the RSA site

        cheers

        tachyon

        s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

Re: Re: Re: method of ID'ing
by ilcylic (Scribe) on Apr 15, 2002 at 01:01 UTC
    It has a one to (one of 2 to the 128th) possible values. Since the output domain of MD5 is limited to a 128 bit string, it is possible for more than one value to map to the same output value. It is a very small chance that two of the given inputs would ever map to the same string (unless there were a statistically significant percentage of 2^128 worth of entries) and even if there were, I don't believe this code is being used for something which is intended to be mission critical.

    Another issue to consider with MD5 is that the input value needs to be fairly large, if you're using it for 'important' purposes. Since MD5 operates on strings of size evenly divisible by 512, and pads otherwise, it's important to make sure you have at least one full block, to retain computational protection.

    Hope that helped.

    -il cylic
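
The point raised in this thread, that a 128-bit output must map many inputs to the same value and that the chance of hitting such a pair depends on how many IDs are issued, can be put into numbers. The script below is an added example, not code from any poster in the thread: `collision_probability` and `first_truncated_collision` are names made up here, the `id-N` inputs are constructed sample data, and the estimate assumes MD5 output behaves like a uniformly random 128-bit value, so it covers accidental collisions only.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::MD5 qw(md5_hex);

# Birthday approximation for n random values of the given bit width:
#   p ~ 1 - exp(-n(n-1) / 2^(bits+1))
sub collision_probability {
    my ($n, $bits) = @_;
    my $x = $n * ($n - 1) / 2 / 2**$bits;
    # For tiny x, 1 - exp(-x) rounds to 0 in floating point; x is accurate.
    return $x < 1e-9 ? $x : 1 - exp(-$x);
}

# Hash constructed inputs "id-0", "id-1", ... and keep only the first
# $hex_chars hex digits of each digest. Returns the first two inputs that
# share a prefix, plus the prefix, or an empty list if none is found.
sub first_truncated_collision {
    my ($hex_chars, $limit) = @_;
    my %seen;
    for my $i (0 .. $limit - 1) {
        my $input = "id-$i";
        my $tag   = substr(md5_hex($input), 0, $hex_chars);
        return ($seen{$tag}, $input, $tag) if exists $seen{$tag};
        $seen{$tag} = $input;
    }
    return;
}

# Full 128-bit digest: negligible even for very large ID sets.
for my $n (1e6, 1e9, 1e12) {
    printf "%.0e IDs, 128-bit digest: p(collision) ~ %.3g\n",
        $n, collision_probability($n, 128);
}

# Shortening the digest to make a "nicer" ID changes the picture quickly.
printf "%.0e IDs, 32-bit prefix:  p(collision) ~ %.3g\n",
    1e5, collision_probability(1e5, 32);

# Demonstrate a real collision on a 24-bit (6 hex digit) prefix.
my ($first, $second, $tag) = first_truncated_collision(6, 200_000);
if (defined $tag) {
    printf "24-bit prefix %s is shared by '%s' and '%s'\n", $tag, $first, $second;
    printf "full digests differ: %s vs %s\n", md5_hex($first), md5_hex($second);
}
```

The two inputs that share a 24-bit prefix still have different full digests, which is the practical difference between the full 128-bit value and a shortened ID derived from it.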
