Steam was hacked

To 'hash' ( Wikipedia definition ) is to assign a smaller key ( preferably unique ) to a bigger element of a set.

MD5 is a type of hashing algorithm - Wikipedia provides a long, if slightly technical, description of it.

In a nutshell, it takes something ( a number, a value, a word, a sentence or even whole files ) and, using a mathematical algorithm, transforms it into a 32-digit-long hexadecimal key.

For example, an MD5 hash of "Amelia" would be 3ea6 597c 3cbd 06e9 3a46 b9f5 368 732d ( spaces mine for clarity )

The same thing is done to all passwords used in Civ 4 BTS.

MD5 hashes are a cheap and popular way of encrypting things over the Internet. But in all forms ( salted or not ), they are not a good tool to store passwords or login credentials. It's pretty easy to 'bruteforce' a short MD5-hashed password ( that is, generate all possible values for a short password until you hit the one you're looking for using a computer program; I've done this for BTS PBEM 4 ). There are also 'rainbow tables' published over the Internet that make this process faster ( a rainbow table is a pre-generated list of 'text string'->'hash value' pairs to search through ). For all kinds of passwords MD5 is vulnerable to collisions ( two different inputs producing the same hash ).
Reply

Do "collisions" undermine even long "strong" passwords? In effect you're just brute forcing the first match, rather than something like mYpa$sW0rd1suncRackab13yo which is presumably very difficult, right?
Reply

sunrise089 Wrote:Do "collisions" undermine even long "strong" passwords? In effect you're just brute forcing the first match, rather than something like mYpa$sW0rd1suncRackab13yo which is presumably very difficult, right?

In principle, it's possible. In practice, this is one of the features that distinguishes a good hashing algorithm from a bad one. A good hashing algorithm has very few collisions, and stores more data as the hash than even a strong password. Generally the good algorithms fall into the same category as teleportation through the wall by all your atoms deciding to quantum tunnel at the same time in the same direction. Technically possible, but practically not.

It is the sort of thing that prompts people to say 'don't roll your own security system, find one that's known good and copy it', though. There's just too many pitfalls like that.
EitB 25 - Perpentach
Occasional mapmaker

Reply

Great explanation. But then since MD5 is popular and successful why is it a bad system to encode passwords in?

Also, I know the best way to keep a password secure: have Krill use it as the admin password in a PBEM game.
Reply

Just pick 6 different words and use them as the password. Easy to remember, and a bitch to crack.
Current games (All): RtR: PB80 Civ 6: PBEM23

Ended games (Selection): BTS games: PB1, PB3, PBEM2, PBEM4, PBEM5B, PBEM50. RB mod games: PB5, PB15, PB27, PB37, PB42, PB46, PB71. FFH games: PBEMVII, PBEMXII. Civ 6:  PBEM22 Games ded lurked: PB18
Reply

sunrise089 Wrote:Great explanation. But then since MD5 is popular and successful why is it a bad system to encode passwords in?

Well, you're getting out to the edge of my knowledge here, but as I understand it - it's because people have figured out how to create those collisions you asked about earlier without relying on luck. With the bonus that MD5 calculates quickly, so any brute force attack is easier to run.

Hashes are used for lots of other purposes, such as making sure a file received is not corrupted, and MD5 still works for that purpose.

Plus - well, I personally think understanding the hash algorithm is easier than understanding the way to break it. There's a lot of security done on the principle of 'if I can't figure out how to break it, it must be impossible to break'.

Reply

sunrise089 Wrote:Great explanation. But then since MD5 is popular and successful why is it a bad system to encode passwords in?

1. The popularity works against it, since attack methods become well-known and things like precomputed rainbow tables become available.

2. Technology marches on. MD5 was great when tiny little 8 MHz CPUs took a substantial fraction of a second to calculate it. MD5 isn't so great when you can throw 256 parallel cores on a GPU running at 3 GHz to brute force break billions of combinations per second.
Reply

Krill Wrote:Just pick 6 different words and use them as the password. Easy to remember, and a bitch to crack.

Until you tell someone because then suddenly the space of all passwords becomes quite small.

Unless you don't do your passwords that way as only Rego does that.
In Soviet Russia, Civilization Micros You!

"Right, as the world goes, is only in question between equals in power, while the strong do what they can and the weak suffer what they must."
“I have never understood why it is "greed" to want to keep the money you have earned but not greed to want to take somebody else's money.”
Reply

antisocialmunky Wrote:Until you tell someone because then suddenly the space of all passwords becomes quite small.

By small, you mean something like 100,000 ^ 6?
Reply

1000000000000000000000000000000

Let's say that is the actual space.

#1) I know the space is finite therefore explorable with enough power.
#2) Assuming each word known to be 6 letters long. This is 36 characters, if I only knew they were alphabetical characters, that would be: 26^36 = 8.6904152163272468261061026005374e+50 which is approximately 869041521632724682610.61026005374 larger than the number you gave.

So yes, limiting the space helps.
Reply
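An added example, not part of any post in this thread: it puts numbers on the keyspaces argued over above (six words from a 100,000-word list versus 36 random letters) and shows a salted, slow password hash next to the fast unsalted MD5 the thread describes. PBKDF2-HMAC-SHA256, the iteration count, and the guess rate (taken from the "billions per second" remark) are assumptions of this example, and treating one PBKDF2 iteration as one fast-hash call is a simplification.

```python
import hashlib
import hmac
import math
import os

ITERATIONS = 600_000        # assumed work factor, tune for your hardware
GUESSES_PER_SECOND = 1e9    # assumed rate, from "billions per second" in the thread
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def md5_hex(password):
    """Fast, unsalted hash: identical passwords always give identical output."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Salted, deliberately slow hash (PBKDF2-HMAC-SHA256). Store salt and digest."""
    if salt is None:
        salt = os.urandom(16)  # per-user random salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest


def verify_password(password, salt, expected, iterations=ITERATIONS):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt, iterations)
    return hmac.compare_digest(digest, expected)


def keyspace_bits(symbols, length):
    """Entropy in bits of `length` independent picks from `symbols` choices."""
    return length * math.log2(symbols)


def years_to_exhaust(symbols, length, rate=GUESSES_PER_SECOND, work_factor=1):
    """Years to try every candidate when each guess costs `work_factor` hash calls."""
    return symbols ** length * work_factor / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    for label, symbols, length in [("6 words from 100,000", 100_000, 6),
                                   ("36 random letters", 26, 36),
                                   ("8 lowercase letters", 26, 8)]:
        print(f"{label}: {keyspace_bits(symbols, length):.1f} bits, "
              f"MD5 {years_to_exhaust(symbols, length):.3g} y, "
              f"PBKDF2 {years_to_exhaust(symbols, length, work_factor=ITERATIONS):.3g} y")
```

The six-word figure only holds if the words are picked at random; the 8-letter row is where the work factor changes the outcome from minutes to years.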


