Score:0

Is it safe to sign a short token with salted MD5?


I want to generate some tokens for clients as HTTP cookies.

Can I MD5 them with a salt and then use "<random token>"+"<md5>" as the token, so that they can be verified in a cheap way?

Is it safe?

Score:1

What you're referring to is a message authentication code, or MAC. In general, you should avoid using Merkle-Damgård hash functions (such as MD5, SHA-1, or SHA-2) with a salt or key as a MAC because of length extension attacks, among others.

If you need to generate a MAC of data like this, you should use HMAC with a secure hash function (e.g., SHA-256), KMAC (related to SHA-3), or BLAKE2 with its keyed mode. If you're not sure what to do, HMAC-SHA-256 is a fine default.

While using MD5 or SHA-1 with HMAC to secure a message doesn't have known practical attacks, there is no good reason to use either MD5 or SHA-1 in a new design, and you should avoid them altogether for any purpose.
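
The HMAC-SHA-256 default recommended above, applied to the `<random token>` + `<MAC>` cookie layout from the question. This is an added example, not part of the original answer; the in-memory key, the `.` separator and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: a single server-side secret. It is generated here so the example
# runs stand-alone; a real service would load it from its secret store.
SERVER_KEY = secrets.token_bytes(32)
TOKEN_HEX_LEN = 32                                  # 16 random bytes, hex-encoded
TAG_HEX_LEN = hashlib.sha256().digest_size * 2      # 64 hex characters


def _tag(key: bytes, token: bytes) -> bytes:
    """HMAC-SHA-256 over the token, hex-encoded as bytes."""
    return hmac.new(key, token, hashlib.sha256).hexdigest().encode("ascii")


def issue_token(key: bytes = SERVER_KEY) -> str:
    """Return '<random token>.<HMAC tag>' suitable for a cookie value."""
    token = secrets.token_hex(TOKEN_HEX_LEN // 2)
    return token + "." + _tag(key, token.encode("ascii")).decode("ascii")


def verify_token(cookie: str, key: bytes = SERVER_KEY) -> bool:
    """Check the tag without a database lookup; reject anything malformed."""
    token, sep, tag = cookie.partition(".")
    if not sep or len(token) != TOKEN_HEX_LEN or len(tag) != TAG_HEX_LEN:
        return False
    try:
        token_b = token.encode("ascii")
        tag_b = tag.encode("ascii")
    except UnicodeEncodeError:
        return False                                # non-ASCII input is never valid
    # compare_digest runs in constant time, so the comparison does not leak
    # how many leading characters of a guessed tag were correct.
    return hmac.compare_digest(_tag(key, token_b), tag_b)


if __name__ == "__main__":
    cookie = issue_token()
    print(cookie, verify_token(cookie))
```

Verification costs one HMAC computation, so it stays as cheap as the salted-hash scheme in the question while not being exposed to length extension.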
