11 Oct
2006
11 Oct
'06
11:06 p.m.
From the sibling thread:
Why don't use both md5 and sha1 ? I don't mean md5 OR sha1, but md5 AND sha1. _I_think_ it's virtually impossible to fuck two different hash algorithm.
This won't make the system more secure. Because if somebody has the resources to find a collision in SHA1 then I'm sure he/she/they can do the same with MD5. And if they cannot do this for SHA1 then MD5 doesn't matter. Only using SHA-512 or public key cryptography really solves security problems with both MD5 and SHA1. -- Roman Kyrylych (Роман Кирилич)