如果 MD5 损坏，有什么更好的解决方案? [英] If MD5 is broken, what is a better solution?

问题描述

在阅读主题MD5 真的那么糟糕"后，我正在考虑生成哈希的更好解决方案.是否有更好的解决方案，例如 Adler、CRC32 或 SHA1?还是它们也坏了?

After reading the topic "Is MD5 really that bad", I was thinking about a better solution for generating hashes. Are there better solutions like Adler, CRC32 or SHA1? Or are they broken as well?

推荐答案

CRC32 可能是最糟糕的密码(除了 crc16 :).循环冗余检查用于检测消息是否因自然原因而损坏，仅使用代数即可产生冲突.SHA0 和 SHA1 也被破坏了，虽然与 md5() 不同，没有人产生 SHA1 冲突，但据信使用我们当前的技术在计算上是可行的.

CRC32 is probably the worst thing you could possibly use for passwords (besides maybe crc16 :). Cyclic Redundancy Checks are to detect if a message has been damaged though natural causes, it is trivial to generate collisions using nothing more than algebra. SHA0 and SHA1 are also broken, although unlike md5() no one has generated a SHA1 collision, but it is believed to be computationally feasible with our current technology.

应该使用 SHA-2 系列的任何成员.Sha-256 很好，SHA-512 可能超出您的需要.NIST 目前正在举办 SHA-3 竞赛，这将在 2012 年的某个时候完成.(Skein 争取胜利！)

Any member of the SHA-2 family should be used. Sha-256 is good, SHA-512 is probably more than you need. NIST is holding the SHA-3 competition right now and this will be finalized sometime in 2012. (Skein for the win!)

这篇关于如果 MD5 损坏，有什么更好的解决方案?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！