如果MD5坏了，什么是更好的解决方案？ [英] If MD5 is broken, what is a better solution?

问题描述

阅读主题 MD5真的那么糟糕后，我正在考虑一个更好的解决方案生成哈希。是否有更好的解决方案，如 Adler ， CRC32 或 SHA1 ？

After reading the topic "Is MD5 really that bad", I was thinking about a better solution for generating hashes. Are there better solutions like Adler, CRC32 or SHA1? Or are they broken as well?

推荐答案

CRC32可能是最糟糕的事情，你可能用于密码（除了crc16 :) 。循环冗余校验是检测消息是否由于自然原因而损坏，使用代数不产生冲突是微不足道的。 SHA0和SHA1也被破坏，虽然不像md5（）没有人产生SHA1碰撞，但是它被认为在我们当前的技术中在计算上是可行的。

CRC32 is probably the worst thing you could possibly use for passwords (besides maybe crc16 :). Cyclic Redundancy Checks are to detect if a message has been damaged though natural causes, it is trivial to generate collisions using nothing more than algebra. SHA0 and SHA1 are also broken, although unlike md5() no one has generated a SHA1 collision, but it is believed to be computationally feasible with our current technology.

应使用SHA-2系列的任何成员。 Sha-256很好，SHA-512可能比你需要的多。 NIST现在正在举行SHA-3比赛，这将在2012年的某个时间完成。（Skein的胜利！）

Any member of the SHA-2 family should be used. Sha-256 is good, SHA-512 is probably more than you need. NIST is holding the SHA-3 competition right now and this will be finalized sometime in 2012. (Skein for the win!)

这篇关于如果MD5坏了，什么是更好的解决方案？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！