1

I know md5 is considered non-secure but what if someone used md5(md5(password).salt) instead? Isn't this technically better / more secure?

user51819
  • Let's say somebody finds an attack that can crack a hash from a hash function within a day. If it's a general attack, it will work for *every* hash, so H(password) and H(H(password)) are both hashes of the same size and thus vulnerable to the same attack and crackable in exactly the same time. – mroman Sep 09 '16 at 11:27
  • If you repeated the inner one 10,000 times before hashing, it would be somewhat safer by making it hard to run on dedicated hardware (ASICs) and prevent pre-rolled cracker profiles from working. – dandavis Sep 09 '16 at 12:46

3 Answers

5

The hash md5(md5(password).salt) is just as secure as md5(password.salt).

The only difference I can see is the additional MD5 calculation md5(password), which increases the computing time the attacker needs to spend by a little, and it may not make a big difference.

Let's say the attacker takes the most used 100 passwords like welcome, monkey with md5 values 40be4e59b9a2a2b5dffb918c0e86b3d7, d0763edaa9d9bd2a9516280e9044d885 respectively.

He needs to brute-force the password as well as the salt in md5(md5(password).salt) using the list welcome, monkey.

Example: md5(md5("welcome").salt)

He can simply do away with that additional MD5 calculation by using the list of md5 values calculated one time.

Example: md5("40be4e59b9a2a2b5dffb918c0e86b3d7".salt)

Sravan
  • I'm not sure but I guess the same is also known as [Meet In The Middle Attack](https://en.wikipedia.org/wiki/Meet-in-the-middle_attack). – 7_R3X Sep 09 '16 at 11:08
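
An added example (not part of the original answers or comments) that counts the MD5 calls needed to check a candidate list against several salted hashes, with and without the one-time table of md5(password) values the answer above describes. The salts, the helper names and the `rounds` parameter are assumptions made for illustration; `rounds` goes beyond the answer's case by repeating the unsalted inner hash.

```python
import hashlib

md5_calls = 0  # every MD5 invocation made through md5_hex() is counted here

def md5_hex(text: str) -> str:
    global md5_calls
    md5_calls += 1
    return hashlib.md5(text.encode()).hexdigest()

def inner(password: str, rounds: int = 1) -> str:
    # Unsalted part: md5(password), optionally repeated. rounds=1 is the question's scheme.
    digest = password
    for _ in range(rounds):
        digest = md5_hex(digest)
    return digest

def nested(password: str, salt: str, rounds: int = 1) -> str:
    # md5(md5(password).salt): the inner hex digest with the salt appended
    return md5_hex(inner(password, rounds) + salt)

def plain(password: str, salt: str) -> str:
    return md5_hex(password + salt)  # md5(password.salt)

def count_calls(fn) -> int:
    before = md5_calls
    fn()
    return md5_calls - before

def compare_work(candidates, salts, rounds: int = 1) -> dict:
    """MD5 calls needed to test every candidate against every salt."""
    def naive():
        for s in salts:
            for pw in candidates:
                nested(pw, s, rounds)
    def cached():
        table = [inner(pw, rounds) for pw in candidates]  # no salt involved: done once
        for s in salts:
            for digest in table:
                md5_hex(digest + s)
    def single():
        for s in salts:
            for pw in candidates:
                plain(pw, s)
    return {"nested_naive": count_calls(naive),
            "nested_cached": count_calls(cached),
            "plain": count_calls(single)}

# Constructed sample data: the two passwords named in the answer, made-up salts.
CANDIDATES = ["welcome", "monkey"]
SALTS = ["salt-a", "salt-b", "salt-c"]

if __name__ == "__main__":
    print(compare_work(CANDIDATES, SALTS))              # the question's scheme
    print(compare_work(CANDIDATES, SALTS, rounds=100))  # repeated unsalted inner hash
```

Per salt, the cached variant costs one MD5 call per candidate, the same as md5(password.salt); only work that depends on the salt has to be repeated for every stored hash, which is why a slow salted hash such as bcrypt is the usual choice.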
2

Such combinations are often supported out of the box by password cracker tools. Have a look at the algorithms of hashcat; you will see a lot of similar combinations. MD5 is not appropriate to hash passwords because of its speed; brute-forcing is way too easy (about 100 Giga MD5 per second), so no, it is not secure.

martinstoeckli
-1

No

When you are using the md5(md5(password).salt) method, it's as strong as md5(password.salt). It seems that it needs more time to find a collision when you are using the md5(md5(password).salt) method. In that case, you can use bcrypt to manually slow down the collision attack operation. And using old md5 is a bad idea.

Bynov