Stefano Zacchiroli <[email protected]> writes: > But kpcyrd is fully right: while we wanted to standardize SWHIDv1 > because it was already (de facto) used out there, SWHIDv2 with stronger > hashes is needed and we are already working on it. Tentatively we want > to simply switch to SHA-2, with SHA-256 hashes, which would be a > relatively easy standard upgrade. But at the same time it will also make > textual hashes much longer, so we would *also* like to offer some more > compact representations of hashes than hex (possibly as an optional > alternative to hex encoding).
How about using SHA3-256 and base64 encoded hash values? SHA2 was published in 2001. It suffers from the same Merkle-Damgard limitations that SHA1 has. The SHA-3 algorithm was published in 2012. There are incremental security results for SHA2: https://en.wikipedia.org/wiki/SHA-2 If truly you are not relying on cryptographic properties, how about using a non-cryptographic hash function like xxHash instead? However I think that at some levels, your hash values will be used in ways that have security implications, so using a modern and strong hash algorithm seems prudent. I would not classify SHA2 as modern, it is over 25 years old. /Simon
signature.asc
Description: PGP signature
