Re: method of ID'ing

by tachyon (Chancellor)
on Apr 13, 2002 at 19:37 UTC

in reply to method of ID'ing

use MD5; my $MD5 = new MD5(); $MD5->add( $$ . rand() . time() ); my $id = $MD5->hexdigest;




Replies are listed 'Best First'.
Re: Re: method of ID'ing
on Apr 13, 2002 at 21:29 UTC

    Does MD5 have a one to one relationship between the plaintext and the cyphertext? In other words, is it impossible for two different strings to map to the same MD5 string? If not, you might be introducing a potential for collisions by using it.

      So they say. Check out the unofficial MD5 homepage here or read the full RFC1321




        An MD5 collision is known, for particular values of "known". This is probably not an issue for the average web-based script, though.

      It has a one to (one of 2 to the 128th) possible values. Since the output domain of MD5 is limited to a 128 bit string, it is possible for more than one value to map to the same output value. It is a very small chance that two of the given inputs would ever map to the same string (unless there were a statistically significant percentage of 2^128 worth of entries) and even if there were, I don't believe this code is being used for something which is intended to be mission critical.

      Another issue to consider with MD5 is that the input value needs to be fairly large, if you're using it for 'important' purposes. Since MD5 operates on strings of size evenly divisible by 512, and pads otherwise, it's important to make sure you have at least one full block, to retain computational protection.

      Hope that helped.

      -il cylic

