[Dshield] Crypto Question
Valdis.Kletnieks at vt.edu
Wed Mar 4 22:41:02 GMT 2009

On Wed, 04 Mar 2009 14:12:06 PST, John Hardin said:

> What's the likelihood that the same collision plaintext would generate the
> same crypto hash using several different algorithms?

A man with one watch always knows what time it is. A man with 2 watches is
never sure.

In general, either that first hash is believed secure, or it isn't. If it
is secure, you don't need a second hash. If you're worried enough about the
first hash that using a second one is starting to make sense, you probably
shouldn't be using the first one at all.

Or more concretely - if you're computing a SHA-256 hash because you don't trust
the MD5 hash, maybe it's time to just *retire* the MD5 entirely.