[MASOCH-L] SHA1 e MD5

Rodrigo Ristow Branco rrbranco at pobox.com
Mon Sep 10 16:11:55 BRT 2007 

sobre o SHA1



 *NIST's Policy on Hash Functions*

March 15, 2006: *The SHA-2 family of hash functions (i.e., SHA-224, SHA-256,
SHA-384 and SHA-512) may be used by Federal agencies for all applications
using secure hash algorithms.* Federal agencies *should* stop using SHA-1
for digital signatures, digital time stamping and other applications that
require collision resistance as soon as practical, and must use the SHA-2
family of hash functions for these applications after 2010. After 2010,
Federal agencies may use SHA-1 only for the following applications:
hash-based message authentication codes (HMACs); key derivation functions
(KDFs); and random number generators (RNGs). Regardless of use, NIST
encourages application and protocol designers to use the SHA-2 family of
hash functions for all new applications and protocols.





On 9/10/07, Rodrigo Ristow Branco <rrbranco at pobox.com> wrote:
>
> sobre o MD5
>
> http://en.wikipedia.org/wiki/MD5#External_links
>              Two colliding PostScript files with the same size<http://www.cits.rub.de/MD5Collisions/>
>               http://www.cits.rub.de/MD5Collisions/
>
>
> MD5 Collision Demo
> Collisions in the MD5 cryptographic hash function
> http://www.mathstat.dal.ca/~selinger/md5collision/<http://www.mathstat.dal.ca/%7Eselinger/md5collision/>
>
> ...
> The following is an improvement of Diaz's example, which does not need a
> special extractor. Here are two pairs of executable programs (one pair runs
> on Windows, one pair on Linux).
>
>    - *Windows version:*
>       - hello.exe<http://www.mathstat.dal.ca/%7Eselinger/md5collision/hello.exe>.
>       MD5 Sum: cdc47d670159eef60916ca03a9d4a007
>       - erase.exe<http://www.mathstat.dal.ca/%7Eselinger/md5collision/erase.exe>.
>       MD5 Sum: cdc47d670159eef60916ca03a9d4a007
>    - *Linux version (i386):*
>       - hello<http://www.mathstat.dal.ca/%7Eselinger/md5collision/hello>.
>       MD5 Sum: da5c61e1edc0f18337e46418e48c1290
>       - erase<http://www.mathstat.dal.ca/%7Eselinger/md5collision/erase>.
>       MD5 Sum: da5c61e1edc0f18337e46418e48c1290
>
> ...
>
>
>
>
> On 9/10/07, Carlos Henrique <carloshenrique at urbi.com.br> wrote:
> >
> >
> > Pessoal,
> >
> > Gostaria de saber qual algoritmo de hash é o mais seguro, o MD5 ou o
> > SHA1?
> > Tem alguma vantagem de se implementar um ou outro, para armazenamento de
> > senhas em bando de dados?
> >
> > Forte abraço
> > Carlos Henrique
> > __
> > masoch-l list
> > https://eng.registro.br/mailman/listinfo/masoch-l
> >
>
>

More information about the masoch-l mailing list