问题描述
10 月 2 日,NIST 决定 SHA-3 是新的标准哈希算法.
MD5 用户是否应该开始迁移到 SHA-3?到别的东西(见下文为什么不推荐使用 SHA-3)?bcrypt?
为什么不{MD5、SHA1、SHA256、SHA512、SHA-3,等}?
而且,这真的很重要吗?即使你的密码是咸的?
不使用 MD5 来散列密码的主要原因并不是 MD5 严重受损甚至被认为已损坏.>
确实,MD5 存在已知漏洞.但它们都不会对您使用 MD5 构成严重威胁.因为在您的情况下,唯一的威胁是原像攻击,攻击者会尝试找到已知散列的原像,例如已知(加盐)密码哈希的密码.并且可能已知的针对 MD5 的原像攻击只是理论上的,并且将工作量从 2 降低到 2,这没有什么大的优势.平均为 2 的蛮力攻击仍然更有希望.
不,不使用 MD5 的主要原因是 MD5 太快.使用当今经济实惠的计算机,您可以每秒生成和测试 7190M MD5 哈希.无论是否加盐,所有8个字符长的字母数字字符组合都可以在大约8.5小时内进行暴力破解.
相比之下,像 bcrypt $2a$ 这样的散列函数每秒只能生成和测试 4085 个散列,因此只有 0.00005682 % 的 MD5 散列数.使用 bcrypt $2a$,您需要 1694 年才能进行相同的尝试.
On the 2nd of October NIST decided that SHA-3 is the new standard hashing algorithm.
Should MD5 users start migrating to SHA-3? To something else (see below why SHA-3 is not recommended)? bcrypt?
Why Not {MD5, SHA1, SHA256, SHA512, SHA-3, etc}?
And, is this really critical? Even if your password is salted?
The main reason not to use MD5 for hashing passwords is not the fact that MD5 is severely compromised or even considered broken.
It’s true, MD5 has known vulnerabilities. But none of them do pose a serious threat to your use of MD5. Because in your case the only threat would be a preimage attack where an attacker would try to find a preimage of a known hash, e.g. the password to a known (salted) password hash. And the probably known preimage attack against MD5 is only theoretical and lowers the effort from 2 to 2, which is no big advantage. A brute-force attack with an average of 2 is still more promising.
No, the main reason not to use MD5 is because MD5 is too fast. With a todays affordable computer you can generate and test 7190M MD5 hashes per second. All 8 characters long combinations of alphanumeric characters can be brute-forced in about 8.5 hours, no matter whether with or without salt.
In contrast to that, with the hash function like bcrypt $2a$ one can only generate and test 4085 hashes per second, so only 0.00005682 % of the number of MD5 hashes. With bcrypt $2a$ you would need 1694 years for the same attempt.
这篇关于我正在使用 MD5 来散列密码.我应该什么时候跳到下一件事?SHA-3?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!