On 6/5/07, Marko Kreen <markokr@gmail.com> wrote:
> both md5 and sha1 are actually easier to bruteforce than
> the old DES-based crypt.
If this statement seems weird - the problem is the speed.
MD5 and SHA1 are just faster algorithms than des-crypt.
And there's nothing wrong with fast general-purpose algorithms,
as long their cryptographic properties hold. Starting from
20-30 bytes the bruteforce is really not an option.
But if you have under 10 bytes (let be honest - you have
6 bytes...) the speed start to matter, because it is possible
on random laptop to simply try all combinations.
--
marko