> I realize that they are different. I'm just not clear as to > my decision on which route to take, personally and > professionally. I've also heard stories of Hash values still > being able to be cracked on a comparison basis, because when > you get down to the logic, all the hacker cares is if their > value matches yours. With that said, I understand AES to be > the only grade of encryption accepted by the military and > government, and that's why I'm questioning some of this... If > AES is so strong, and you have a proper Key management system > (which I can safely say I do) then is there any reason to use > Hash? I just don't want to overlook hashing values because of > a personal interest in AES if there's no reason to overlook it.
It is generally much more likely that your key management system will have a vulnerability, than that someone will be able to identify hash values through brute-force comparison. If you don't need to retrieve the plaintext value in the future, all you need is a hash for later comparison. Use a hash. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:239427 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
