Are encryption algorithms

David Wagner daw at
Mon Nov 17 14:21:32 EST 2003

Enzo Michelangeli wrote:
>Anyway, the intended use is for primary keys in transaction databases, in
>replacement of the PAN (a.k.a. credit card number). Using secure hashes is
>the usual way of doing such things, but the slight risk of collision,
>although practically negligible, is a bit irksome (especially considering
>that the plaintext is of fixed size, and therefore injectivity is not a
>priori impossible), and I was wondering if something better can be done.

I'd ignore the risk.  If you've got a 160-bit hash function
(and you probably should), then the risk of a collision is truly
negligible.  If you try to come up with some fancy alternative,
there will be a greater risk that the fancy alternative is insecure
than the risk that you ever experience a collision in SHA.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list