-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 12 December 2001 16:41, you wrote:
> On Wed, Dec 12, 2001 at 04:37:48PM -0600, Mark J Roberts wrote:
> > toad:
> > > an MD5 checksum (don't ask me why they aren't using SHA-1) of each
> > > package
> >
> > MD5 is twice as fast as SHA-1 (25MB/s vs. 50MB/s on my 450MHz), and
> > SHA-{256,512} are even slower. Disk IO is the bottleneck here, but I
> > imagine they still wanted the optimization.
>
> so why was the Tiger hash not chosen? its 192bit *and* faster than
> md5. i haven't heard anything negative about, and if somehow
> its not more secure than sha1 its still certainly better than the broken
> md5.
To my knowledge (which is admittedly limited in this area; well, a lot of
areas), MD5 was not completely broken, though it has been weakened somewhat.
Not enough to completely deprecate it's use, but enough that many
cryptographers will even choose something developed by NIST rather than use
MD5.
- --
Timm Murray
- -----------
This message has been encoded ROT26. Decoding is punishable by death under
the DMCA.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjwYPQkACgkQqpueKcacfLQJ3gCgkvVcm2b0CCDt4lnOQ64sfpCO
cD0An2O9e+vrvFm8ftYUPiqXE93rVBC7
=M0g4
-----END PGP SIGNATURE-----
_______________________________________________
freenet-tech mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/tech
