Sergey - nice summary. Let me just add that there are more uses and
aspects that should be taken into account.
Passwords:
- cpu time vs memory usage vs parallel computation - it is difficult
to address everything with one function, but yescrypt:
https://www.openwall.com/yescrypt/
- side-channel at
*** Markus Wichmann [2021-04-14 06:03]:
>I don't care about the speed of a hash function.
If we a talking here about checking software integrity, then speed is
important. Millions of people check the hash of downloaded files -- if
it is slow, then huge quantity of time/energy is wasted. Less time
On Tue, Apr 13, 2021 at 09:58:56PM +0300, Sergey Matveev wrote:
> *** Markus Wichmann [2021-04-13 20:17]:
> >Y'know, while we're bikeshedding, why not just use SHA-3?
>
> Answer is: https://www.imperialviolet.org/2017/05/31/skipsha3.html
I don't care about the speed of a hash function. Speed of a
*** Markus Wichmann [2021-04-13 20:17]:
>Y'know, while we're bikeshedding, why not just use SHA-3?
Answer is: https://www.imperialviolet.org/2017/05/31/skipsha3.html
and answer for that:
https://cryptologie.net/article/400/maybe-you-shouldnt-skip-sha-3/
SHA3 is good, but "offers no compelling adv
wt., 13 kwi 2021 o 21:29 Sergey Matveev napisał(a):
>
> *** Mattias Andrée [2021-04-13 20:48]:
> >But interesting, even though Keccak (from which SHA-3 is
> >derived) won over BLAKE2, BLAKE2 seems to be more popular.
>
> Keccak won over "BLAKE". "BLAKE2" is reduced-round tweaked "BLAKE" version.
>
*** Mattias Andrée [2021-04-13 20:48]:
>But interesting, even though Keccak (from which SHA-3 is
>derived) won over BLAKE2, BLAKE2 seems to be more popular.
Keccak won over "BLAKE". "BLAKE2" is reduced-round tweaked "BLAKE" version.
BLAKE2 is very fast, having very high security margin and abiliti
Sure, any good signature. SHA512 is stronger than SHA1, MD5 and SHA256. It
shouldn't take a second more than others. Why use a weaker checksum?
Thanking you
Sagar Acharya
https://designman.org
13 Apr 2021, 20:15 by daniel.cegie...@gmail.com:
> How/where SHA512 is better than SHA256 or SHA1? I
On Tue, 13 Apr 2021 20:17:37 +0200
Markus Wichmann wrote:
> On Tue, Apr 13, 2021 at 05:08:31PM +0200, Mattias Andrée wrote:
> > On Tue, 13 Apr 2021 16:57:39 +0200
> > Sagar Acharya wrote:
> >
> > > Sure, any good signature. SHA512 is stronger than SHA1, MD5 and SHA256.
> > > It shouldn't take
On Tue, Apr 13, 2021 at 05:08:31PM +0200, Mattias Andrée wrote:
> On Tue, 13 Apr 2021 16:57:39 +0200
> Sagar Acharya wrote:
>
> > Sure, any good signature. SHA512 is stronger than SHA1, MD5 and SHA256. It
> > shouldn't take a second more than others. Why use a weaker checksum?
>
> SHA512 is actua
wt., 13 kwi 2021 o 17:59 Hiltjo Posthuma napisał(a):
>
> On Tue, Apr 13, 2021 at 04:45:07PM +0200, Daniel Cegiełka wrote:
> > How/where SHA512 is better than SHA256 or SHA1? I don't see any added
> > value in this. If someone breaks into your server and replace files,
> > may also regenerate check
On Tue, 13 Apr 2021 16:57:39 +0200
Sagar Acharya wrote:
> Sure, any good signature. SHA512 is stronger than SHA1, MD5 and SHA256. It
> shouldn't take a second more than others. Why use a weaker checksum?
SHA512 is actually more than twice as fast as SHA256 on 64-bit machines.
(I don't know whic
On Tue, Apr 13, 2021 at 04:45:07PM +0200, Daniel Cegiełka wrote:
> How/where SHA512 is better than SHA256 or SHA1? I don't see any added
> value in this. If someone breaks into your server and replace files,
> may also regenerate check sums (SHA256/512 or SHA3, scrypt etc.). The
> use of MD5 will b
Can we have SHA512 checksums and sig files for the release gzips of suckless
software?
Thanking you
Sagar Acharya
https://designman.org
How/where SHA512 is better than SHA256 or SHA1? I don't see any added
value in this. If someone breaks into your server and replace files,
may also regenerate check sums (SHA256/512 or SHA3, scrypt etc.). The
use of MD5 will be equally (un)safe as SHA512 :)
A better solution is e.g. signify from O
14 matches
Mail list logo