At 02:54 PM 8/18/2004, Chris Doherty wrote: >what you can do, if you have a proper attack formula, is find *a* message >that produces *that one hash*. that is, if I have message M which produces >hash H, I can use the attack to find *a* message M' which will also >produce hash H. The thing is, passwords are short and have limited entropy. Chances are, if you find a password that produces the same hash, it's M. --Brett _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"