[Python-Dev] SHA-256 module
Stuart Bishop
stuart at stuartbishop.net
Wed Jun 30 11:45:50 EDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 30/06/2004, at 5:30 PM, A.M. Kuchling wrote:
> On Wed, Jun 30, 2004 at 10:15:24AM +0100, Michael Hudson wrote:
>> Nevertheless, am I right to still believe that there are no known
>> distinct strings which even MD5 to the same hash?
>
> Correct.
>
> One significant reason for the larger SHAs to generate 256-bit keys
> for AES encryption; it's better to have a larger hash than to take a
> smaller one and replicate portions of it. But, given that we're not
> going to include AES in the Python stdlib, people will have to
> download a separate library anyway. This library could include SHA256,
> so this application isn't a compelling reason to add SHA256 to the
> stdlib. It would be different if there were existing protocols that
> need the larger hash, such as HTTP digest auth; are there any?
People use sha as a one way hash for storing passwords and credit
card details. The extra bits will make the paranoid a bit happier
(and the less paranoid are still using md5).
- --
Stuart Bishop <stuart at stuartbishop.net>
http://www.stuartbishop.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQFA4uAvAfqZj7rGN0oRAoejAJ4wpOQx2f3+yvSFqgKPW+S3h9YmVQCggy5h
7Ydvtp/Rdj19KT/sFOtxXM8=
=/Fa4
-----END PGP SIGNATURE-----
More information about the Python-Dev
mailing list