Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:Dictionnary attack doesn't show any weakness (Score 1) 217

Not necessarily. There are many use cases where there is no disadvantage to a fast hashing algorithm. For example, secure hashes are commonly used to guarantee that data has not been modified. (I believe that PHP uses a hash for this purpose, as it is much faster than running rsa on the entire message.) What this REALLY tells us is something that we have known for a long time: fast hash functions are suboptimal for password "storage"/verification. We need to use something slower for dealing with passwords, such as bcrypt, which can be made arbitrarily expensive.

Slashdot Top Deals

Do not underestimate the value of print statements for debugging.

Working...