On 08/26/2010 04:41 PM, Mike Abbott wrote:
1. What hash algorithm to use?
2. Should I add support for trusting hash uniqueness
Use two hash functions and concatenate the hashes. While both hash
systems may eventually be hacked it is unlikely that hacking them
will result in a targeted alias.
Just make it possible to change the hash in the future. Have a utility
that updates all (or a subset) of them.
If e.g. SHA256 is truly broken in the future, the utility can run
overnight while I fix the million other emergencies that are about to
exist in the morning.