On Wed, Apr 2, 2008 at 12:19 PM, John Stiles <[EMAIL PROTECTED]> wrote: > I take it all back; in 2007 there was an MD5 attack discovered which > actually allows for completely different binaries that sign the same. Check > Wikipedia for the details, but basically MD5 is totally broken now. Wow, > times change!! > > SHA-1 it is, if security is a concern.
While SHA-1 has not yet been broken, there are worrying signs. Related and weakened versions have been broken, SHA-1 itself has been "broken" by algorithms which are still impractically expensive but much cheaper than brute force, and it's generally accepted that the full SHA-1 is just a matter of time. It's premature to start ripping SHA-1 out of existing code, but if you are writing new code for which security is a concern, it's best to start using one of the SHA-2 family of hashes. Mike _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
