| From: | Florian Weimer <fweimer(at)bfk(dot)de> |
|---|---|
| To: | David Fetter <david(at)fetter(dot)org> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Greg Sabino Mullane <greg(at)turnstep(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] SHA1 on postgres 8.3 |
| Date: | 2008-01-21 07:53:14 |
| Message-ID: | 823asrty1h.fsf@mid.bfk.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
* David Fetter:
> Is there any country with laws so benighted that they restrict secure
> hashing algorithms? Right now, there's a contest between SHA1 and
> MD5 as to which one gets broken first, and SHA1 appears to be in the
> lead. SHAn for n>1 could preempt the awfulness of losing this race.
MD5 is broken in the sense that you can create two or more meaningful
documents with the same hash. This is not currently possible for
SHA-1 (at least no one has publicly demonstrated this capability).
SHA-256 etc. are sufficiently similar to MD5 and SHA-1, so it's not
clear if they add significant additional security.
(Sorry if this is what you've said.)
--
Florian Weimer <fweimer(at)bfk(dot)de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marko Kreen | 2008-01-21 08:08:38 | Re: [GENERAL] SHA1 on postgres 8.3 |
| Previous Message | Alex Turner | 2008-01-21 07:47:32 | Re: Sun acquires MySQL |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marko Kreen | 2008-01-21 08:08:38 | Re: [GENERAL] SHA1 on postgres 8.3 |
| Previous Message | Simon Riggs | 2008-01-21 07:33:57 | Re: mklink of pg_standby |