[Cryptography] More efficient and just as secure to sign message hash using Ed25519?

Tony Arcieri bascule at gmail.com
Mon Aug 3 20:52:47 EDT 2015


On Mon, Aug 3, 2015 at 5:11 PM, Allen <allenpmd at gmail.com> wrote:

> Would hashing twice with MD5 be the best way to prevent that attack, or
> might it be better to use a stronger hash function?


Your question is a false dichotomy. The "best" answer is "do both".

If we could wave a magic wand and magically upgrade everything that's using
older algorithms, that would clearly be the best solution. But here in the
real world, we don't have magic wands.

Indeed the clients that were exploited by the Flame MD5 collision were
capable of using better algorithms (e.g. SHA1), but since MD5 was
supported, it became the weakest link.

-- 
Tony Arcieri