On 10/12/10 11:16 AM, David Shaw wrote: > > Yes, but at the risk of pedantry:
I'd rather the accuracy of pedantry than be mired in uffish thought. > The attacks against SHA-1 haven't been extended to the SHA-2 family > yet. By truncating a SHA-2 to 160 bits, you're creating a > non-broken (for now) 160-bit hash. Think of it as a non-broken > SHA-1: it's theoretically as strong as SHA-1 once was thought to be, > but not stronger. > > (i.e. it's a great SHA-1 alternative, but it's not as strong as a > full-sized SHA-2). Alright, that's pretty clear, thanks. Regards, Ben
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
