[Melbourne-pm] Data::Token

Jacinta Richardson jarich at perltraining.com.au
Fri May 30 04:48:51 PDT 2008


Scott Penrose wrote:

> So the question is:
> 
> 1) Am I missing the threads on the net
> 2) Are we jumping to the wrong conclusion because we are mixing  
> document signature faking with unpredictability
> 3) Is this really a problem and we are the first to really solve it.

I think it's 3 insofar as many of these modules were written before 17th 
August 2004 (which is when Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu 
announced collisions for the full MD5 space; their analytical attack was 
reported to take only one hour on an IBM p690 cluster).  Prior to this, the 
general assumption seemed to be that engineering a collision would be really 
hard, and finding a collision by accident would be next to impossible.

Since not everyone keeps up with cryptography news, people continue to use md5 
despite its issues.  This is not necessarily because it's a good idea.  It may 
even be as simple as when people think of hashing algorithms the first one that 
comes to mind is md5.

I expect that for the purposes of generating tokens, particularly with the use 
of a salt, that these issues aren't really a problem.  However, if you do so you 
are choosing to provide a less secure token than you could otherwise.  I think 
in general, using md5 for anything to do with security or with anything which 
might even be vaguely connected with the idea of security, is looking like a bad 
idea.

Regarding SHA1 and SHA2, "the security of SHA-1 has been somewhat compromised by 
cryptography researchers.  Although no attacks have yet been reported on the 
SHA-2 variants, they are algorithmically similar to SHA-1 and so efforts are 
underway to develop improved alternative hashing algorithms." 
(http://en.wikipedia.org/wiki/SHA_hash_functions)

All the best,

	J
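An added example, not from this thread or from the Data::Token module, written in Python rather than Perl so it runs as-is: it separates the two properties Scott's question 2 runs together, collision resistance of the digest and unpredictability of the token. The salt, timestamp and request id are constructed sample values; the point is that an observer who knows them recomputes the token whatever digest is used, while an HMAC with a secret key or a CSPRNG token stays unpredictable independently of MD5's collision status.

```python
import hashlib
import hmac
import secrets

# Constructed sample: what a naive generator might feed its digest
# (a timestamp and a request counter) plus a fixed, guessable salt.
# Neither value is taken from the real module.
SAMPLE_INPUTS = (b"2008-05-30T04:48:51", b"request=42")
PUBLIC_SALT = b"Data::Token"   # hypothetical, not the module's real salt


def digest_token(hash_name: str, salt: bytes, inputs) -> str:
    """H(salt || inputs); hash_name is any hashlib name: 'md5', 'sha1', 'sha256'."""
    h = hashlib.new(hash_name)
    h.update(salt)
    for part in inputs:
        h.update(part)
    return h.hexdigest()


def keyed_token(hash_name: str, secret: bytes, inputs) -> str:
    """HMAC(secret, inputs): unpredictable while the secret is. Its strength is
    bounded by the secret's entropy, not by the digest's collision status."""
    return hmac.new(secret, b"".join(inputs), hash_name).hexdigest()


def random_token(nbytes: int = 16) -> str:
    """Token drawn from the OS CSPRNG: no hash function, no inputs to guess."""
    return secrets.token_hex(nbytes)


def observer_recomputes(hash_name: str, issued: str, salt: bytes, inputs) -> bool:
    """Does someone who knows only the salt and inputs arrive at the issued token?"""
    return hmac.compare_digest(digest_token(hash_name, salt, inputs), issued)


def compare_schemes(hash_name: str = "md5") -> dict:
    """For one digest, report which scheme an informed observer reproduces.
    'digest_public_salt' is True for md5 and sha256 alike: changing the hash
    function does not buy unpredictability; a secret or a CSPRNG does."""
    secret = secrets.token_bytes(16)   # 128 bits the observer does not have
    issued_plain = digest_token(hash_name, PUBLIC_SALT, SAMPLE_INPUTS)
    issued_keyed = keyed_token(hash_name, secret, SAMPLE_INPUTS)
    issued_random = random_token()
    recompute = lambda issued: observer_recomputes(hash_name, issued, PUBLIC_SALT, SAMPLE_INPUTS)
    return {
        "digest_public_salt": recompute(issued_plain),
        "hmac_secret_key": recompute(issued_keyed),
        "csprng": recompute(issued_random),
    }
```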

