[
https://issues.apache.org/jira/browse/AVRO-1404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13853508#comment-13853508
]
Doug Cutting commented on AVRO-1404:
------------------------------------
I'm not sure why 16-byte hashes aren't good enough in this case. The hashes
are of the protocols. They do not provide security. They serve to uniquely
identify the protocol text required to encode and decode requests. 128 bits
should be large enough that collisions are extremely unlikely, which is all
that's required in this application.
Switching to another 128-bit hashing algorithm could be done compatibly, but
switching to a different hash size would not be compatible.
> Need support for SHA
> --------------------
>
> Key: AVRO-1404
> URL: https://issues.apache.org/jira/browse/AVRO-1404
> Project: Avro
> Issue Type: Improvement
> Components: java
> Affects Versions: 1.7.5, 1.7.6
> Environment: RHEL 64-bit
> Reporter: Marylou Orayani
> Attachments: AVRO-1404.patch
>
>
> Currently, avro only supports MD5 for its hashes. We need support for SHA
> since MD5 is not strong enough for our customer base.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
