Re: [GENERAL] SHA1 on postgres 8.3

Am Mittwoch, 2. April 2008 schrieb sanjay sharma:
> md5 is not being recommended anywhere because it contains hash collision.
> Therefore either it should be replaced with SHA1 or any other good hash
> algorithm or taken out of core completely. md5 in core is worthless now.I
> am not using it in my application. I am using SHA1 in client/web tier for
> password hashing. 
> Would replacing md5 with SHA1 in core involve much work?

The vulnerabilities that exist for MD5 and SHA1 involve finding two random 
input strings that create the same hash values.  This is possible for MD5 
*and* SHA1 now, so asking for SHA1 to replace MD5 is completely pointless.  
What is not possible with either MD5 or SHA1 is finding an input string that 
creates the same hash value as a given input string (except by googling, but 
that affects all algorithms).  So using MD5 for encrypting passwords or 
digesting known data values or tarballs can be considered secure at the 
moment.

If you are dealing with certificate infrastructures, where the hash collision 
vulnerability described above might be relevant, you are certainly going to 
use some library such as openssl, and those have already moved away from 
using MD5 and SHA1 anyway.