The example is flawed, in my opinion: the problem is "fitness for purpose". MD5 is not fit for its purpose, cryptography. If you are using it in any way you are exposing yourself to a security risk you should not take. It's that simple. Why is it so hard for people to understand thiis?
Andrea Raimondi I agree that MD5 is not fit for cryptographic purposes, but it may be suitable for other use cases where there are no security risks involved.
Stefan Glienke I beg to differ :)
ReplyDeleteThe example is flawed, in my opinion: the problem is "fitness for purpose". MD5 is not fit for its purpose, cryptography.
If you are using it in any way you are exposing yourself to a security risk you should not take.
It's that simple. Why is it so hard for people to understand thiis?
A
Andrea Raimondi I agree that MD5 is not fit for cryptographic purposes, but it may be suitable for other use cases where there are no security risks involved.
ReplyDeleteThank you for the information on the MD5 failures with security. I didn't know about the collision rate.
ReplyDelete