-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Moin,
On Tuesday 23 January 2007 19:20, Mark Clements wrote:
> "Tels" nospam-abuse@bloodgate.com wrote in message news:200701231852.29592@bloodgate.com...
> > What function you actually use for H(), may it be MD5 or SHA1, is practically irrelevant here, tho, but when you migrate to such a scheme, you might as well use SHA256 instead of MD5 (even if it is just to quieten all the "MD5 is insecure" criers :)
>
> In security, doing things because "you might as well" is an incredibly bad idea! A security system should only be changed to be a _better_ security system (and even then after it has been proven to be better). _Never_ because it's 'probably not worse'!
I agree with you in principle, but please note that I advocated the switch "as well" because:
* SHA256 is generally considered a more secure hash (or it would be silly to switch)
* after changing the core algorithm, you must evaluate the security of the new system, so you might as well *consider* switching the hash function, because then you need to do the switch only once and the evaluation only once, too. You know, so as not to have to redo this in a few months when the next attack on MD5 comes (this time affecting your system)

Of course, your evaluation might also result in "there is no need to switch anything".
Best wishes,
Tels
- --
Signed on Tue Jan 23 21:24:46 2007 with key 0x93B84C15.
View my photo gallery: http://bloodgate.com/photos
PGP key on http://bloodgate.com/tels.asc or per email.
"In 1988, Jack Thompson ran against Janet Reno for DA of Dade County: Thompson's unique campaign message was that Reno was unfit for the job because, as a closeted lesbian with a drinking problem, she was great candidate for blackmail by the criminal element. Jack never explained why this remained a threat even after he exposed her 'secret'. Reno cruised at the polls."