My apologies, I forgot to address something:
On Sat, Oct 21, 2017 at 12:50 PM, Hanno Böck <[email protected]> wrote:
> On Sat, 21 Oct 2017 12:12:44 -0500
> R0b0t1 <[email protected]> wrote:
>
>> That is precisely why I didn't suggest it be used on its own (see note
>> about extant use of MD5), and why I gave alternatives. If it is
>> desired that the hashes be computed quickly then weaker hashes will
>> need to be used. One usually can't have both security and speed.
>
> You can have that. Blake2 is faster than any broken legacy hash.
> And ripemd isn't particularly fast
>
Fair enough, but it is new and may have security problems related to
its operation that have not been found. This is hard to reason about,
but I would note that many cryptographic standards are fairly
conservative for similar reasons.
Ease of computation reduces security.
Respectfully,
R0b0t1
