Linus Torvalds <[EMAIL PROTECTED]> wrote: > > If we want to have any kind of confidence that the hash is reall > yunbreakable, we should make it not just longer than 160 bits, we should > make sure that it's two or more hashes, and that they are based on totally > different principles.
Sorry, it has already been shown that combining two difference hashes doesn't necessarily provide the security that you would hope. I think what hasn't been discussed here is the cost of actually doing the comparisons. In other words, what is the minimum number of comparisons we can get away and still deal with hash collisions successfully? Once we know what the cost is then we can decide whether it's worthwhile considering the odds involved. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
