> On Nov 15, 2016, at 1:11 PM, Scott Robison <sc...@casaderobison.com> wrote: > > Completely depends on your needs. If your needs are not cryptographic, then > there is no problem.
But there’s little reason to use MD5 instead of SHA-1; they’re roughly the same speed, but SHA-1 is considerably more collision-resistant. Or if you don’t need a long digest, just use Adler32, which is about four times as fast. > I still cannot fathom why anyone would assign random numbers or (even more > useless) long random blobs to use as psuedo-keys. It just boggles the mind. I take it you’re not a cryptographer :) All modern ciphers do this. For example, an RSA key pair is simply a pair of large random numbers (both prime) that meet certain criteria. Or if you use a more modern cipher like Curve25519, the private key is quite literally just any 256 bits of random data. You generate a key-pair by reading 32 bytes from /dev/random into the private key, and then performing a transformation on that to get the public key. Obviously collisions are possible with long random numbers or digests, but secure systems are designed such that random collisions are vanishingly unlikely to occur for {insert large power of ten here} years, which makes the probability effectively zero. —Jens _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users