On Tue, Dec 18, 2007, Matija Grabnar <[EMAIL PROTECTED]> said: > Aaron Stone wrote: >> I'm a big fan of double digest. I don't think the algorithm matters much, >> just as long as the two are very different. Even just MD5 and SHA1 should >> be plenty good, IMHO. >> > No, not more than some checksum that was as long as the sum of the two > checksums you were using.
I believe that you are incorrect. If someone can algorithmically break one algorithm, regardless of its length, it is broken. That someone can simultaneously break two algorithms that generate that hashes in very different ways is much more unlikely. > If you want to be *certain* that you will only have one different mime > part for a give key, > you need a two part key where the second part of the key is the sequence > number (i.e. the first mime part with this checksum value, the second > one). In practice, most of the second > parts of the key will have a value of 1, but theoretically, with > multi-megabyte > attachments, millions of them could map to the same checksum value. I'm hearing that when there's a digest collision, people want to see the bytes compared to be double damned certain of not giving wrong bytes. Aaron _______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
