Collision resistance is irrelevant if there's already a hash value specified. Wh... | Hacker News

HN2new | past | comments | ask | show | jobs | submit

		phyzome on Jan 2, 2020 \| parent \| context \| favorite \| on: TextCaptcha: Simple Textual Captcha Challenges Collision resistance is irrelevant if there's already a hash value specified. What matters here is being able to find preimages for a given output, and even if MD5 had a practical preimage attack, it would be too expensive to use just for cracking captchas. :-) PHP is a red herring; this would apply for any language.

shakna on Jan 2, 2020 [–]

> PHP is a red herring; this would apply for any language.

I used the warning from the PHP manual, because the site creator should be familiar with it.

You'll find similar warnings against MD5 everywhere.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact