On 15/12/2010 00:52, John Hardin wrote:
> On Tue, 14 Dec 2010, Cedric Knight wrote:
> 
>> So a hash is best,
> 
> Agreed.
> 
>> and I'd suggest SHA1 over MD5.
> 
> Just out of curiosity, why? An MD5 hash is shorter than an SHA hash (an
> important consideration when you're making lots of DNS queries of the
> hash), MD5 is computationally lighter than SHA, and MD5 is robust enough
> for this purpose, even though artificial collision scenarios exist.
> 

because it's good to abandon weak algorithms, once and for all. the small
wannabe performance benefit that you might find is useless.

we keep seeing people using weak stuff because "it's enough" and "it's
faster/lighter/..." with the results that you know.


if you're worried about performance, don't hash at all. would you use a
Caesar/base64/... ? either you need security and you use an algorithm
that's not considered broken, or you don't.



> Granted I wouldn't sign a legal document with it any more, but for a
> private perfect hash of an email address, why not?

it's weak. don't use it anymore. we have many "secure" alternatives, why
go for "bugward compatibility"?
