Re: Added hashes.
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


sci.crypt archive

Re: Added hashes.

From: Tino Schwarze <tino.schwarze.0401@tisc.de>
Date: Mon Dec 12 2005 - 12:31:22 CET



Ian Stirling <root@mauve.demon.co.uk> wrote:



> Given that assorted hashes (rc4,md5) seem to all have a finite lifespan,


> with others showing possible weaknesses.


> Isn't it more secure to hash a file by hashing it twice with two seperate


> functions, and then xoring the result?



I'd not xor the result but keep both results (e.g. append hash 1 to hash


2). So if somebody is able to produce a plaintext for hash 1 (say MD5),


chances should be very low that it also matches hash 2 (say SHA1). But I


would only consider this for long-time archiving.



This should[1] also significantly lower the probability of a hash


collision.



Bye, Tino.



[1] read "sounds logical to me but I'm not a cryptologist."


Received on Fri Dec 23 20:09:37 2005