{{WikiProject Computing|security=yes|class=C|importance=low}}
{{talk header}}
== Please - No MD5 ==
I agree the following is a correct statement:
<blockquote>Modern password-based key derivation functions, such as PBKDF2 (specified in RFC 2898), use a cryptographic hash, such as MD5 or SHA1, more salt (e.g. 64 bits) and a high iteration count (often 1000 or more).</blockquote>
However, I feel mentioning MD5 is an implicit approval of the algorithm. MD5 was broken some time ago, and it's often available for compatibility only. For example, MD5 is banned from US Federal use except in some compatibility cases, such as use in SSL/TLS as part of the pseudorandom number generator component. Additionally, others, such as the author of md5crypt, have stated the algorithm is broken, should not be used, and the program is at End of Life.
Would it be possible to yank references to MD5 that sound like an endorsement? In its place, mention Whirlpool, which is [[NESSIE]] and [[ISO/IEC]] approved. More importantly, the SHA-2 family and Whirlpool's security properties are intact.
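The quoted sentence describes PBKDF2 as a hash, a salt and an iteration count. As an added example (not part of the post above nor of the article being discussed), the following Python builds PBKDF2 directly from the RFC 2898 section 5.2 definition on top of HMAC, cross-checks it against the standard library's `hashlib.pbkdf2_hmac`, and wraps it in a derive/verify pair. The underlying hash, salt length and iteration count in the derive/verify helpers (SHA-256, 16 bytes, 100000) are choices made for this example, not values prescribed by the RFC; SHA-256 is used because a Whirlpool digest is not assumed to be available in Python's `hashlib`.

```python
"""PBKDF2 (RFC 2898 section 5.2) built from HMAC, plus a derive/verify pair.

Added example; not code from the talk-page post or the article it discusses.
"""
import hashlib
import hmac
import os
import struct
from typing import Optional, Tuple


def pbkdf2(hash_name: str, password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """Derive dklen bytes from password and salt with PRF = HMAC-<hash_name>.

    Per RFC 2898: DK = T_1 || T_2 || ... (truncated to dklen), where
        T_i = U_1 xor U_2 xor ... xor U_c
        U_1 = PRF(P, S || INT(i)),   U_j = PRF(P, U_{j-1})
    INT(i) is the 4-byte big-endian block index, starting at 1.
    """
    if iterations < 1:
        raise ValueError("iteration count must be at least 1")
    hlen = hashlib.new(hash_name).digest_size
    n_blocks = -(-dklen // hlen)  # ceil(dklen / hLen)
    out = bytearray()
    for i in range(1, n_blocks + 1):
        u = hmac.new(password, salt + struct.pack(">I", i), hash_name).digest()
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hash_name).digest()
            t = bytearray(x ^ y for x, y in zip(t, u))
        out += t
    return bytes(out[:dklen])


def matches_stdlib(hash_name: str, password: bytes, salt: bytes, iterations: int, dklen: int) -> bool:
    """Cross-check the pure-Python version against hashlib's C implementation."""
    return pbkdf2(hash_name, password, salt, iterations, dklen) == hashlib.pbkdf2_hmac(
        hash_name, password, salt, iterations, dklen
    )


# Parameters assumed for this example only (not prescribed by RFC 2898).
HASH_NAME = "sha256"
SALT_LEN = 16
ITERATIONS = 100_000
KEY_LEN = 32


def derive(password: bytes, salt: Optional[bytes] = None,
           iterations: int = ITERATIONS) -> Tuple[bytes, bytes]:
    """Return (salt, key). A fresh random salt per password means two users with
    the same password get different keys, so precomputed tables are useless."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    return salt, pbkdf2(HASH_NAME, password, salt, iterations, KEY_LEN)


def verify(password: bytes, salt: bytes, stored_key: bytes,
           iterations: int = ITERATIONS) -> bool:
    """Recompute the key with the stored salt and compare in constant time."""
    _, key = derive(password, salt, iterations)
    return hmac.compare_digest(key, stored_key)


if __name__ == "__main__":
    # RFC 6070 test vector: PBKDF2-HMAC-SHA1, password "password", salt "salt", c = 2
    print(pbkdf2("sha1", b"password", b"salt", 2, 20).hex())
    # ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957
    salt, key = derive(b"correct horse battery staple")
    print(verify(b"correct horse battery staple", salt, key))  # True
```

The PRF is a parameter precisely because PBKDF2 itself does not fix the hash: `hash_name="md5"` would run just as well, which is why the choice of hash in the article's prose matters. The iteration count is the cost knob; the inner loop runs `iterations` HMAC calls per output block, so raising it slows an attacker's guessing by the same factor it slows the defender.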