For the really paranoid, NIST is recommending that federal agencies stop using SHA-1, since it's been cracked (along with MD5), and instead use the SHA-2 family of hash algorithms.
For the really smart really paranoid, NIST is beginning a new contest (like for AES) to develop a new secure hash algorithm... While the MRN may not be such a sought after item, getting into the practice of using SHA-2 (e.g., SHA-256, SHA-512) is a simple change that makes sense... Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Hendricks Sent: Wednesday, May 23, 2007 8:52 AM To: LDS Open Source Software Subject: Re: [Ldsoss] Re: HT and VT Tool On Wed, May 23, 2007 at 07:35:19AM -0600, Tom Welch wrote: > Although the MRN is confidential, it is not secret. It is on your > temple recommend, and I believe it is on your year end tithing summary > statement. The important thing to remember is that if you export MLS > info, you are under a strict obligation to keep that information > secure. In my applications, I usually store an MD5 or SHA-1 hash of the MRN. That way, I still get the unique ID characteristics without chance of the actual MRN being compromised. Perhaps that's a bit paranoid ;-) -- Michael _______________________________________________ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss _______________________________________________ Ldsoss mailing list Ldsoss@lists.ldsoss.org http://lists.ldsoss.org/mailman/listinfo/ldsoss
