Security Analysis of MD5 algorithm in Password Storage
| Autor: | Mary Cindy Ah Kioon, Zhao Shun Wang, Shubra Deb Das |
|---|---|
| Rok vydání: | 2013 |
| Předmět: |
Zero-knowledge password proof
Dictionary attack Computer science Salt (cryptography) Hash function Data security Encryption One-time password PBKDF2 Password strength S/KEY Data_FILES Key stretching Key derivation function Consistent hashing Password XOR cipher business.industry Universal hashing Dynamic perfect hashing Password cracking General Medicine 2-choice hashing MD5 Rainbow table Hash chain business Algorithm Double hashing |
| Zdroj: | Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation. |
| DOI: | 10.2991/isccca.2013.177 |
| Popis: | Hashing algorithms are commonly used to convert passwords into hashes which theoretically cannot be deciphered. This paper analyses the security risks of the hashing algorithm MD5 in password storage and discusses different solutions, such as salts and iterative hashing. We propose a new approach to using MD5 in password storage by using external information, a calculated salt and a random key to encrypt the password before the MD5 calculation. We suggest using key stretching to make the hash calculation slower and using XOR cipher to make the final hash value impossible to find in any standard rainbow table. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|