On Mon, 2002-07-08 at 12:56, Mario Behring wrote: > Hi all, > > The purpose is to transfer data between sites securely using emails, HTTP, > FTP, IP (LAN/WAN), etc. > > Which algorithm should I use: 3DES or SHA-1 ?
Umm. I don't think they compare... 3DES is a Cipher (Stream Cipher? I don't have my books here) and SHA-1 is a cryptographic one-way hashing algorithm similar to MD5 (but more secure). So I'd say from your purpose you should use 3DES to ENCRYPT things (so that noone can see the contents) or SHA-1 to hash the message before and after it is sent to make sure it didn't get modified in transit. 3DES is vulnerable to certain kinds of attacks.. I seem to recall that it's a variant of the meet-in-the-middle attack (see Applied Cryptography by Menezes et al (which he has for free in PDF on his website))... So maybe you should consider some other encryption algorithm... -- Cameron Turner We-Create Inc. Systems Administrator [EMAIL PROTECTED]
