From: Aaron Bentley
Subject: Re: [Gnu-arch-users] Re: MD5 is broken
Date: Wed, 16 Mar 2005 08:45:31 -0500
User-agent: Mozilla Thunderbird 0.6 (X11/20040530)
Karel Gardas wrote:
> Yes, I agree, but combining two hashes, of which one is considered broken and one is considered weak these days, is IMHO less secure than using one hash which is considered secure.
Even the reduced-rounds attacks on SHA-1 still require more rounds than MD5 ever required.
Combining two hashes is more secure than using one. If you rely on one, it may be broken.
If you rely on two hashes A and B, both must be broken, and the combination of them must be broken. That is, you must find two useful texts that produce the same hash using A, and produce the same hash using B.
So while it's definitely time to look at alternative hashes, I don't think it makes sense to migrate to just one. What if the new hash was cracked wide open, while no further progress was made on SHA-1?
Aaron
--
Aaron Bentley
Director of Technology
Panometrics, Inc.