Stories
Slash Boxes
Comments

NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

use Perl

All the Perl that's Practical to Extract and Report

Dear lazyweb... More | Login | Reply

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Without JavaScript enabled, you might want to use the classic discussion system instead. If you login, you can remember this preference.

Brute force, I'm afraid (Score:1)

by mauzo (8185)

Since A, B, C, and D are just the four bytes of the digest, there's no way to calculate them without breaking MD5 (by brute force or otherwise).
- Re: (Score:1)
  
  by Ron Savage (5224)
  
  Well, these days there's no need to use brute force. Just use Rainbow Tables (see Google for details). The short answer is that people calculate the MD5 checksum for vast numbers of strings, so you just need to look up the result to reverse the process.
  And, now, let's hear it for: SHA1!!!!
Why do it that way? (Score:2)

by ask (83)

What do you gain from changing the start state over just adding some secret to the data you are md5'ing?
Oh wait - that's what you are asking about too. :-)
- ask

--
-- ask bjoern hansen [askbjoernhansen.com], !try; do();
Quite difficult (Score:1)

by polettix (7564)

If my recalls on the subject are right, $prefix should be the inverse hash calculated on 0x67452301efcdab8998badcfe10325476 in *your* system (i.e. the system with your initial state).
Now, you have a system that has more or less the same strength of MD5 (apart of course from your initial state, which might be stronger or weaker), and you're facing the problem of inverting a hash - which makes it quite difficult for you to find $prefix. As long as you find it, you know that you have to flush your system in th

Get More Comments

Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.