Re: 3DES versus SHA-1

From: matthew (matthew@devney.net)
Date: 07/10/02


Date: Tue, 9 Jul 2002 16:31:47 -0700 (PDT)
From: matthew <matthew@devney.net>
To: Mario Behring <mariobehring@yahoo.com>


Mario,

That depends greatly on what exactly you want out of your crypto. SHA1
and 3DES are very different types of crypto for very different purposes.

SHA-1, or "Secure Hash Algorithm," is a hash algorithm, which means that
it reduces the plaintext to a hash -- in this case, a 160 bit "signature"
of the data. Use that any place you need to be sure the data is the same
on both ends, but don't care who snoops it in the middle. Most people use
md5 for this.

3DES, running Data Encryption Standard 3 times, is a symmetric block
cipher. A block cipher breaks up the plaintext into pieces, and runs a
reversible (two-way) encryption on it so that if you have the key, you can
recreate the data from the cyphertext. This differs from SHA in that you
can NOT recreate the data from an SHA hash.

DES is not very secure in modern environments, and 3DES is just iterating
it 3 times, so one has to wonder about that security. Ideally you should
use Blowfish or Twofish instead of 3DES. Also, since you mention you want
to use this for email (and other things), look into PGP, which acts as
both encryption (which DES does) and signature (which SHA does).

Hope this helps.

matthew@devney.net

On Mon, 8 Jul 2002, Mario Behring wrote:

> Date: Mon, 8 Jul 2002 12:56:54 -0700 (PDT)
> From: Mario Behring <mariobehring@yahoo.com>
> To: SECURITY-BASICS@securityfocus.com
> Subject: 3DES versus SHA-1
>
> Hi all,
>
> The purpose is to transfer data between sites securely using emails, HTTP,
> FTP, IP (LAN/WAN), etc.
>
> Which algorithm should I use: 3DES or SHA-1 ?
>
> Thanks.
>
> Mario
>
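
Added example, not part of the original messages: a short Python sketch of the difference described in the reply above, a reversible block cipher run three times versus a one-way 160-bit SHA-1 hash. The cipher is a toy Feistel network standing in for DES (it is not DES or 3DES and is not for real use); all function names, keys and the sample message are assumptions made up for this illustration.

```python
import hashlib

BLOCK = 8  # bytes per block, the same block size DES uses

def _f(half, key, i):
    # Toy round function (NOT DES's): keyed SHA-1 truncated to half a block.
    return hashlib.sha1(key + bytes([i]) + half).digest()[:BLOCK // 2]

def _feistel(block, key, decrypt=False, rounds=16):
    # Feistel network, the structure DES is built on: running the same loop
    # with the round order reversed undoes the encryption.
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    order = range(rounds)
    for i in (reversed(order) if decrypt else order):
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(right, key, i)))
    return right + left

def _blocks(data):
    # "Breaks up the plaintext into pieces": fixed-size blocks, each handled
    # independently here (no chaining mode; illustration only).
    return (data[i:i + BLOCK] for i in range(0, len(data), BLOCK))

def triple_encrypt(plaintext, k1, k2, k3):
    # Encrypt-decrypt-encrypt with three keys, the ordering 3DES uses.
    pad = BLOCK - len(plaintext) % BLOCK
    padded = plaintext + bytes([pad]) * pad
    return b"".join(
        _feistel(_feistel(_feistel(b, k1), k2, True), k3) for b in _blocks(padded))

def triple_decrypt(ciphertext, k1, k2, k3):
    # With the keys, the exact plaintext comes back (two-way).
    plain = b"".join(
        _feistel(_feistel(_feistel(b, k3, True), k2), k1, True)
        for b in _blocks(ciphertext))
    return plain[:-plain[-1]]

def sha1_hex(data):
    # One-way: always 160 bits, whatever the input size, and no key to invert it.
    return hashlib.sha1(data).hexdigest()

if __name__ == "__main__":
    msg = b"Quarterly figures attached."            # constructed sample message
    keys = (b"key-one", b"key-two", b"key-three")   # constructed sample keys
    ct = triple_encrypt(msg, *keys)
    print("ciphertext:", ct.hex())
    print("recovered :", triple_decrypt(ct, *keys))
    print("sha1      :", sha1_hex(msg))
    print("tampered  :", sha1_hex(msg + b"!"))
```

The ciphertext grows with the message and decrypts back to it; the hash stays 40 hex characters and changes completely when one byte is appended, which is what makes it useful for checking that both ends hold the same data.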