Some everyone is saying how easy it is to crack md5. Say I have an md5 hash and ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tocomment on Dec 15, 2010 \| parent \| context \| favorite \| on: How To Safely Store A Password Some everyone is saying how easy it is to crack md5. Say I have an md5 hash and I know it was created from a 1000 byte string. How long would it take to enumerate all 1000 byte strings that could create that hash?

gxti on Dec 15, 2010 [–]

Actually you can (almost surely) stop cracking at 16 bytes, because that's how long MD5 digests are and any more bits than that are going to give you hashes you've already seen. You won't get back the original string but you don't need the original string.

seunosewa on Dec 16, 2010 | [–]

Actually, you have to go a bit beyond 16 bytes to be sure.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact