Jump to content

llMD5String reversible?


Gregory McLeod
 Share

You are about to reply to a thread that has been inactive for 3620 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

To further on the MD5 / SHA1 / etc conversation ... not even a straight SHA1 hash is really secure.  You should additionally "salt" your hashes with a dynamic string and consider hashing multiple times.

From your question, however, I imagine you are looking for an efficient way to pass large chunks of data from one place to another?  How big is the data?  And is it object->object or object->web->object?  There are potentially other solutions.

Link to comment
Share on other sites

I believe that SHA1 has also been recently compromised - not BROKEN, but an algorithm found that can give a string that will be converted to a known hash made with SHA1. Do not remember where I read this, so take it with as much, er, salt as deemed appropriate. I don't know when/if Linden Labs intends to add support for it, but SHA3 is apparently a far more secure animal than its older cousin.

Link to comment
Share on other sites

There's a theoretical SHA1 collision attack which reduces the complexity of any attack vectors. It's impractical to use, so it's still reasonably safe. The original attack vector was found 2005 and improved over the years. Today we have SHA-2 and most recently SHA-3 but neither is included in LSL. I don't think it's all that urgent to have either.

For "strong" encryption there's an XTEA library here: http://wiki.secondlife.com/wiki/XTEA_Strong_Encryption_Implementation

Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 3620 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...