undefined | Better HN

0 pointsmichaelmior11y ago0 comments

The point is that it makes it easier for an attacker to find a hash collision. It's much easier to construct data which hashes to a given value if it can be of arbitrary length. I don't immediately see the connection with this article however.

0 comments

asdfaoeu11y ago

I don't follow. Breaking a password hash your not trying to find a hash collision you need to break the preimage attack. Sure are some stage in the future there might be a preimage attack that requires a large amount of data to use. But really if your worried about theoretical preimage attack you aren't using md5.

tptacek11y ago

The attacker doesn't need a hash collision in the case you're describing; they need a preimage.

j / k navigate · click thread line to collapse

0 pointsmichaelmior11y ago0 comments

0 comments

asdfaoeu11y ago

tptacek11y ago

The attacker doesn't need a hash collision in the case you're describing; they need a preimage.

j / k navigate · click thread line to collapse