Posted Jun 16, 2005 6:48 UTC (Thu) by beejaybee
Parent article: MD5 collisions
"Given the number of practical attacks on MD5, it may be time to move to a Federal Information Processing Standards (FIPS) approved hash algorithm, such as SHA-256, or SHA-512."
Assuming we can be persuaded that these are fundamentally more secure. My guess is that rather less effort has been directed at breaking these than MD5 and SHA-1 given that there is less practical value in breaking them.
"Note that vulnerabilities have recently been found in SHA-1"
But isn't there a fundamental point here - if we sign a document with both MD5 and SHA-1, it becomes at least several orders of magnitude harder to fabricate a forgery, and several orders of magnitude more than 8 hours is reasonably safe - maybe more so than a relatively unresearched, untried algorithm.
Fact of the matter is, whatever algorithm is used, the possibility of hash collisions can _never_ be discounted.
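The comment's idea of checking a document under more than one hash, as an added Python example (not code from the comment or from LWN); the function names and the sample document are constructed for illustration.

```python
import hashlib
import hmac

# Digests discussed in the thread: the two older ones and the FIPS alternative.
ALGORITHMS = ("md5", "sha1", "sha256")


def multi_digest(data: bytes, algorithms=ALGORITHMS) -> dict:
    """Return {algorithm_name: hex digest} of the same bytes under each algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in algorithms}


def verify_multi_digest(data: bytes, expected: dict) -> bool:
    """Accept the data only if every recorded digest matches.

    A substitute document that collides under one algorithm is still rejected
    unless it also collides under every other algorithm in the manifest.
    """
    actual = multi_digest(data, tuple(expected))
    ok = True
    for name, want in expected.items():
        # Constant-time comparison so timing does not reveal which digest differed.
        ok &= hmac.compare_digest(actual[name], want)
    return ok


# Constructed sample input, not taken from the comment.
ORIGINAL = b"Release tarball contents: version 1.0\n"
TAMPERED = b"Release tarball contents: version 1.0 (modified)\n"

if __name__ == "__main__":
    manifest = multi_digest(ORIGINAL)
    for name, digest in manifest.items():
        print(f"{name}: {digest}")
    print("original verifies:", verify_multi_digest(ORIGINAL, manifest))
    print("tampered verifies:", verify_multi_digest(TAMPERED, manifest))
```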