MD5

[Nex0]

So by my understanding you can only compare 2 MD5 hashes, however you can't necessarily 'decrypt' it.

Is this right?

[bad_brain]

yep! that's the difference between encryption and hash, a hash works only in 1 direction....MD5 isn't an encryption method...

[ayu]

It is, however, a cryptographic hash function.

The only difference I know of between such a hash algorithm and a regular one, is that in a cryptographic algorithm, all hashes has to be unique, although MD5 has failed there a bit.

Not entirely sure about that though, can anyone else give some input there?

[bad_brain]

I've read around a bit and it seems to be not even possible to create an algorithm which would create uniques only. every algorithm is prone for collisions, only the probability can be decreased until the effort it would take to find them would make it technically pointless (because you would have to wait for years).

http://en.wikipedia.org/wiki/Collision_ ... science%29" onclick="window.open(this.href);return false;

the reason why MD5 and SHA-1 is now insecure is not a general design flaw of the algorithms, it's because at the time when the algorithms were created the processing powers of the computers made it technically pointless to look for collisions.....but now compare a Pentium1 with the modern 6-core CPUs...

[B4N3]

But isn't there the "salted" hash, wich makes the normal MD5 more secure?

[bad_brain]

yep! the salt is simply a 2nd hash, so the amount of possible combinations is increased which makes it harder to find collisions. it's also not uncrackable, but a lot harder because bruteforcing takes much longer and the regular MD5 rainbow tables can't be used...