Talk:MD5
This is the talk page for discussing improvements to the MD5 article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
Archives: 1Auto-archiving period: 3 months |
This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
To-do list for MD5:
Priority 3
|
Need to more prominently address vulnerabilities
[edit]I strongly feel that the first sentence of this article needs to call attention to the fundamental insecurity of MD5 as a cryptographic hash function. It's literally the first thing that anyone needs to know about it. Some people are not aware of this and continue, even to this day, to use MD5 as a cryptographic hash function despite its unsuitability for this purpose.
I made such an edit on 26 Aug 2023 but it was reverted, the editor making the reversion said simply "Npov". Is there anything non neutral about the edit I made? Everything I said is absolutely accurate according to verifiable sources already cited in the article. Indeed everything I said in my edit the article already said; all I did was move that accurate and verifiable information into the lead sentence.
Another user again added mention of the algorithm's insecurity on 16 Mar 2024, but it was again reverted. This time the reverting editor stated "There's nothing insecure about a hash function, it does what's it supposed to do; the way we used it". This is a bizarre statement, "There's nothing insecure about a hash function"; there certainly is something (very) insecure about this hash function, and it absolutely does not do what it was supposed to do, and presumed to do, when it was designed and first widely implemented. Again, as all already discussed in detail in the article: "Historically it was widely used as a cryptographic hash function; however it has been found to suffer from extensive vulnerabilities. It remains suitable for other non-cryptographic purposes". Uh... right. So is there something wrong with saying it in the lead sentence? "The way we used it" is also a bizarre phrase: the way who used it?
What I, and the other editor, were trying to do, was merely give more prominence to information already discussed. I don't want to start an edit war, so I'm writing here.
Can anyone provide a justification for not stating the single most important fact about the topic of the article in the first sentence of the article?
If no one provides a real objection based in Wikipedia's policies and the facts about the article's topic as confirmed by verifiable sources, I'm going to again edit the first sentence to make clear what the article already accurately states lower down, that MD5 suffers from extensive vulnerabilities and is not suitable for cryptographic purposes.
75.166.157.156 (talk) 01:29, 31 May 2024 (UTC)
- The second sentence already addresses the security issue with: " Historically it was widely used as a cryptographic hash function; however it has been found to suffer from extensive vulnerabilities.". Maria Gemmi (talk) 15:02, 2 June 2024 (UTC)
- C-Class Cryptography articles
- Top-importance Cryptography articles
- C-Class Computer science articles
- High-importance Computer science articles
- WikiProject Computer science articles
- WikiProject Cryptography articles
- C-Class Computing articles
- Mid-importance Computing articles
- C-Class Computer networking articles
- Mid-importance Computer networking articles
- C-Class Computer networking articles of Mid-importance
- All Computer networking articles
- C-Class software articles
- High-importance software articles
- C-Class software articles of High-importance
- All Software articles
- C-Class Websites articles
- High-importance Websites articles
- C-Class Websites articles of High-importance
- All Websites articles
- Mid-importance Computer science articles
- C-Class Computer Security articles
- High-importance Computer Security articles
- C-Class Computer Security articles of High-importance
- All Computer Security articles
- All Computing articles
- C-Class Internet articles
- Mid-importance Internet articles
- WikiProject Internet articles
- Wikipedia pages with to-do lists