On Wed, 16 Mar 2005, Aaron Bentley wrote: > Karel Gardas wrote: > > Yes, I agree, but combining two hashes from which one is considered broken > > and one is considered weak these days is IMHO less secure than using one > > hash which is considered secure.
[...] > So while it's definitely time to look at alternative hashes, I don't > think it makes sense to migrate to just one. What if the new hash was > cracked wide open, while no further progress was made on SHA-1? Sorry, I was to vague about it. My paragraph above is just an "motivation" for migration to different hash function implementation. Anyway, I agree with you that combining more than one hash is better, although the resulting code is more complex. Karel -- Karel Gardas [EMAIL PROTECTED] ObjectSecurity Ltd. http://www.objectsecurity.com _______________________________________________ Gnu-arch-users mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
