On 24 Aug 2004, Sam Vilain wrote: > Robert Trebula wrote: > >> Maybe you have already noticed - collisions have been found in MD5 >> hashing algorithm:
[...] > I think cryptanalysts have 'cracked' pretty much all of them, though > with practically prohibitive costs of cracking them (eg, 2^50 for > SHA-0). [...] > My personal thought is that you could make the hash more secure simply > by running md5 and SHA1 (maybe pepper on another one for good luck) > across a single stream at the same time, and simply xor the resultant > hashes together. You could pretty much add up the "cost" of the attacks > against the keys. Be aware that this sort of technique "multi-encryption" technique can lead to significant exposures when applied to traditional crypto; it can produce results that allow a vastly simpler attack on the protected information. I would not put my name to a recommendation about how to make a cryptographic product or protocol "more secure" unless I had sufficient background in the area to know the full implications of my recommended actions. Regards, Daniel -- If a joke is worth telling, it's worth telling once. -- Ollie MacNoonan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]