> On Nov 15, 2016, at 1:11 PM, Scott Robison <sc...@casaderobison.com> wrote:
>
> Completely depends on your needs. If your needs are not cryptographic, then
> there is no problem.
But there’s little reason to use MD5 instead of SHA-1; they’re roughly the same
speed, but SHA-1 is considerably more collision-resistant.
Or if you don’t need a long digest, just use Adler32, which is about four times
as fast.
> I still cannot fathom why anyone would assign random numbers or (even more
> useless) long random blobs to use as psuedo-keys. It just boggles the mind.
I take it you’re not a cryptographer :) All modern ciphers do this. For
example, an RSA key pair is simply a pair of large random numbers (both prime)
that meet certain criteria. Or if you use a more modern cipher like Curve25519,
the private key is quite literally just any 256 bits of random data. You
generate a key-pair by reading 32 bytes from /dev/random into the private key,
and then performing a transformation on that to get the public key.
Obviously collisions are possible with long random numbers or digests, but
secure systems are designed such that random collisions are vanishingly
unlikely to occur for {insert large power of ten here} years, which makes the
probability effectively zero.
—Jens
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
