Burhan Khalid wrote: > David Norman wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> I thought some other people would be interested in the other hashes >> that you can do with mhash that aren't on the php.net docs after the >> recent news that SHA-1 might be weaker than previously thought: >> >> http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
Before we get a hundred posts about SHA-1 being "broken" would eveyrbody please read: http://nuglops.com/blog/index.php?p=1021 and maybe *ALL* the contributions way down at the bottom of the original post link? You're still looking at thousands of years or millions of dollars to break SHA-1 if you want to start TODAY. The wise reader will put "Upgrade to SHA-256" on their "ToDo" list and go back to work now. :-) Though I did find the post to add meta-data such as the character distribution to the hash interesting... The odds on a SHA-1 being the same for two plain-texts *AND* having the same number of E's in the plain-texts? Really really really low, seems to me. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
