Re: Moving away from MD5
Galen Hazelwood wrote:
>Forced to choose, I would say SHA-1. The design parameters aren't
>_that_ secret; there's an excellent discussion and comparison in
>Schneier's "Applied Cryptography" 2nd Ed. (You don't have a copy?
>Shame on you!)
Of course I have a copy (shame on you for suggesting that I don't :-),
but Schneier didn't know about the weaknesses in MD5 when he wrote that
>I'll look at RIPEMD-160 as you suggested, but am skeptical for now.
When you do that, please keep in mind that Hans Dobbertin (the guy who
cryptanalyzed MD4 and MD5) is one of the authors of RIPEMD-160, and that
SHA-1 came out before that method of attack became public knowledge.
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, email@example.com.
The joy of engineering is to find a straight line on a double
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .