[Cryptography] let's kill md5sum!
Heinz Diehl
htd+ml at fritha.org
Tue Jun 9 17:00:23 EDT 2015
On 08.06.2015, Jerry Leichter wrote:
> Recall Zooko's comment in the base post: "I did a quick and dirty
> benchmark ... and was delighted that b2sum (in BLAKE2sp mode) was
> almost twice as fast as md5sum on my Intel Core-i5 laptop!"
MD5 is still extensively used, and simply removing it (which I
seriously doubt would be possible at all) would break a huge
amount of software, records, databases and more. So why would
one want to do that?
Ok, another hash is faster, and more secure. So let's use and promote
that one. But why is killing md5 needed to do that? Its use for
cryptographic purposes should clearly be discouraged, but not by
breaking things for a lot of people. Make the people understand that
and why md5 is insecure, and they will abandon it. Enforcing a new hash
on them would most probably not lead to the desired
dissemination/adoption due to a lack of reason.
More information about the cryptography
mailing list