| |
 |
|
|
Science Forum Index » Cryptography Forum » Current De facto Standard Hash Algorithm...
Page 1 of 1
|
| Author |
Message |
| Jeff.M... |
 Posted: Wed Jul 23, 2008 3:20 pm |
|
|
|
Guest
|
Hi, everybody. MD5 and then SHA-1 used to be the de facto standards
for cryptographic hashing. Now neither are a good choice, or at least
not the top choice. I researched this a bit and it looks like
RIPEMD-160 or Whirlpool might be the new best choice. But I thought
I'd get the thoughts from the cryptographic community. What is the new
de facto hash function? |
|
|
| Back to top |
|
| David Eather... |
| Posted: Thu Jul 24, 2008 4:23 am |
|
|
|
Guest
|
Jeff.M wrote:
Quote: Hi, everybody. MD5 and then SHA-1 used to be the de facto standards
for cryptographic hashing. Now neither are a good choice, or at least
not the top choice. I researched this a bit and it looks like
RIPEMD-160 or Whirlpool might be the new best choice. But I thought
I'd get the thoughts from the cryptographic community. What is the new
de facto hash function?
I think it would be sha2-256 |
|
|
| Back to top |
|
| amzoti... |
| Posted: Thu Jul 24, 2008 4:47 am |
|
|
|
Guest
|
On Jul 23, 6:20 pm, "Jeff.M" <Mott.J... at (no spam) gmail.com> wrote:
Quote: Hi, everybody. MD5 and then SHA-1 used to be the de facto standards
for cryptographic hashing. Now neither are a good choice, or at least
not the top choice. I researched this a bit and it looks like
RIPEMD-160 or Whirlpool might be the new best choice. But I thought
I'd get the thoughts from the cryptographic community. What is the new
de facto hash function?
In response to a SHA-1 vulnerability announced in Feb. 2005, NIST held
a Cryptographic Hash Workshop on Oct. 31-Nov. 1, 2005 to assess the
status of its approved hash functions. While NIST continues to
recommend a transition from SHA-1 to the approved SHA-2 family of hash
functions (SHA-224, SHA-256, SHA-384, and SHA-512), NIST has also
decided that it would be prudent in the long-term to develop one or
more hash functions through a public competition, similar to the
development process for the Advanced Encryption Standard (AES).
From: http://csrc.nist.gov/groups/ST/hash/timeline.html |
|
|
| Back to top |
|
| amzoti... |
| Posted: Thu Jul 24, 2008 4:50 am |
|
|
|
Guest
|
On Jul 24, 7:47 am, amzoti <amz... at (no spam) gmail.com> wrote:
Quote: On Jul 23, 6:20 pm, "Jeff.M" <Mott.J... at (no spam) gmail.com> wrote:
Hi, everybody. MD5 and then SHA-1 used to be the de facto standards
for cryptographic hashing. Now neither are a good choice, or at least
not the top choice. I researched this a bit and it looks like
RIPEMD-160 or Whirlpool might be the new best choice. But I thought
I'd get the thoughts from the cryptographic community. What is the new
de facto hash function?
In response to a SHA-1 vulnerability announced in Feb. 2005, NIST held
a Cryptographic Hash Workshop on Oct. 31-Nov. 1, 2005 to assess the
status of its approved hash functions. While NIST continues to
recommend a transition from SHA-1 to the approved SHA-2 family of hash
functions (SHA-224, SHA-256, SHA-384, and SHA-512), NIST has also
decided that it would be prudent in the long-term to develop one or
more hash functions through a public competition, similar to the
development process for the Advanced Encryption Standard (AES).
From:http://csrc.nist.gov/groups/ST/hash/timeline.html
Even better, see: http://csrc.nist.gov/groups/ST/hash/statement.html |
|
|
| Back to top |
|
| Thomas Pornin... |
| Posted: Thu Jul 24, 2008 9:20 am |
|
|
|
Guest
|
According to Jeff.M <Mott.Jeff at (no spam) gmail.com>:
Quote: Hi, everybody. MD5 and then SHA-1 used to be the de facto standards
for cryptographic hashing. Now neither are a good choice, or at least
not the top choice. I researched this a bit and it looks like
RIPEMD-160 or Whirlpool might be the new best choice. But I thought
I'd get the thoughts from the cryptographic community. What is the new
de facto hash function?
The so-called "SHA-2" family, namely SHA-256 and SHA-512. Whirpool is
very slow, to a point that it shows (in most applications, we can ignore
the cost of hashing data because a standard CPU will hash data much
faster than a standard harddisk or network controller can consume data,
but this is not true if the hash function is Whirlpool). RIPEMD-160 is
not very widely deployed beyond PGP; its output length restricts its
collision resistance to 2^80, which is slowly but steadily going out of
vogue: nowadays, "128-bit resistance" is favoured, hence 256-bit outputs
or more.
SHA-256 and SHA-512 are the current de facto standard hash functions,
but they are also deemed somewhat unsatisfactory, which has lead NIST to
initiate an open competition (as was done for the AES). Hence it is
expected that in a couple of years, a new hash function will be
published and declared standard by the US government, and what happened
for the AES competition suggests that everybody (not only government
entities, not only US entities) will adopt that new hash function.
Competition details are there: http://www.nist.gov/hash-competition
--Thomas Pornin |
|
|
| Back to top |
|
| |
|
Page 1 of 1
All times are GMT - 5 Hours
The time now is Fri Dec 05, 2008 4:52 am
|
|