Mysidia Adoptables Support Forum

Mysidia Adoptables Support Forum (http://www.mysidiaadoptables.com/forum/index.php)
-   Suggestions and Feature Requests (http://www.mysidiaadoptables.com/forum/forumdisplay.php?f=21)
-   -   Stop Using MD5 (http://www.mysidiaadoptables.com/forum/showthread.php?t=711)

Ashje 04-20-2009 10:45 PM
Stop Using MD5
 
Quote:
Originally Posted by Building Browsergames
Stop Using MD5

I recently got a comment on the tutorial entry about securing our hashes that felt like it should be turned into it’s own warning, passed on to all readers. Unfortunately, the poster didn’t give me any information, so I can’t credit them - but here’s what they said about why you shouldn’t be using MD5:

You know, it’s really frustrating seeing people trying to pass off obscurity for security. It doesn’t work. It never has. Don’t do it. Don’t promote it. Because, when you do, it damages security overall.

MD5 has been known to be useless as a security measure for well over a decade. Why people keep using it I will never know. Especially, when the SHA family is *vastly* more secure and available in all languages. Here’s the PHP page for hash():

http://ca3.php.net/manual/en/function.hash.php

Just use SHA256/512 and be happy until the winner of the NIST contest is found. Then use that.

At any rate, your ’salt’ completely misses the point of MD5’s weakness (btw, that’s security through obscurity which is completely useless). As in, if they have access to your DB, then chances are that they have (or could have) access to your source as well. Also, I could generate a collision to that password in well under a minute:

http://eprint.iacr.org/2006/105

So, I might not have the actual password. But, I’ll certainly have *a* password that will generate the same hash. If it doesn’t work, then I look at the source and find the obscuring factor, make a minor adjustment to my collision finding code and rerun. In seconds I’ll start getting positive results. Yes, it *is* that easy.

If you want to migrate people over to the new hash, then just create a new column in the DB which will hold it and set it to null. Then on login, if this value is null redirect them to a change your password page. *Require it*. Then after some months, drop the MD5 column, clean up the logic and have the remain inactive users use the forgot your password feature if they want to play again.

That might sound like a lot of work, but it really isn’t. Especially, when considering it’s the programmers fault for screwing up the security in the first place.

There are some good points made here - so if you’re using MD5 in your game for your hashes, you may want to look into updating your code.
Something I came across...

thenickdude 04-21-2009 02:29 AM
RE: Stop Using MD5
 
There's nothing wrong with using a properly salted MD5 hash for passwords. A different, randomly generated salt for each password makes it totally infeasible to generate the sort of rainbow hash tables that lets you crack unsalted MD5 passwords in minutes. That being said, I haven't examined the implementation in the Rusnak script.

The best weakness result I'm aware of for MD5 is the ability to generate two plaintext sequences which both hash to the same value. This is more or less worthless for an attacker on this system. You could generate two passwords, both of which hash to the same value, and use either one to log in to your account. But you don't get to choose either password or the hash value you end up with. This is a very different task to finding a plaintext sequence which hashes to a *specific* value.

BMR777 04-21-2009 03:51 PM
RE: Stop Using MD5
 
For this application MD5 hashes are sufficient, however I will look into this.

Ashje 04-21-2009 05:53 PM
RE: Stop Using MD5
 
^
Ok. XD Just something I found and thought you might want to take a look at. =D


All times are GMT -5. The time now is 03:47 AM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.