Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Practical Exploits of Broken MD5 Algorithm

emc3 Why not multi-algo hashes? (253 comments)

Why don't we just make it a standard practice to provide "verification" hash checksums from multiple algorithms? If you provide *both* the MD5 and the SHA1 hashes for a file, it will be many, many levels of magnitude more difficult to construct replacement data which hashes the same both ways. The collision space for this must be infintessimal?

If everybody just switches to AES or somesuch, aren't we just postponing the problem until similar methods of attack are proven against its algorithms? By combining multiple hash algorithms, you gain a sort of independent oversight.

more than 9 years ago


emc3 hasn't submitted any stories.


emc3 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?