I suggest that SHA224 does not qualify as "SHA256 or better". Truncating any hash should not be considered equivalent or better. Reductio ad absurdum: truncate to 128 bits, 16 bits, 8 bits, or 1 bit.
On Mon, 2021-03-29 at 08:15 +0000, Theallredman via Python-Dev wrote: > No need to be condescending. Trust me when I say I know the bit > length relates to the collision resistance. Also trust me when I say > there are other dimensions upon which to consider one hash algo over > another other then just collision resistance such as, power > consumption, execution time, whether or not the algorithm suffers > from length extension attacks. > > I'm assuming the reason MD5 and SHA1 were both disallowed were > because they have been proven to have a collision resistance less > then 1/2 their bit length. But this is not the case for SHA224. It > is just a truncated version of SHA256 and thus the underlying > algorithm is just as strong as SHA256 except that you can expect to > find a collision in about 16 bits of work less. > > So going back to my actual question SHA224 is disallowed in record > files because it's bit length is less then 256? > _______________________________________________ > Python-Dev mailing list -- python-dev@python.org > To unsubscribe send an email to python-dev-le...@python.org > https://mail.python.org/mailman3/lists/python-dev.python.org/ > Message archived at > https://mail.python.org/archives/list/python-dev@python.org/message/NKMWTOLR5GVSKGYWPBHB7FGMD33IYCNK/ > Code of Conduct: http://python.org/psf/codeofconduct/
_______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/2RGX3KHUWHTL55RJ252RSY67HXCNWOLY/ Code of Conduct: http://python.org/psf/codeofconduct/
