Re: Question about hashing algorithms

From: Unruh (unruh-spam_at_physics.ubc.ca)
Date: 08/26/05


Date: 26 Aug 2005 21:42:17 GMT

daw@taverner.cs.berkeley.edu (David Wagner) writes:

>>Are any hashing algorithms that are secure for short data and have
>>short signatures? As I understand it, SHA-1, MD5, etc. were pretty
>>much designed to work for any size of data. Sometimes that seems like
>>overkill, though.

>What's wrong with overkill? (a serious question)

>>If I have small bits of data (say, a few kilobytes
>>or so) and I want to verify each chunk with a hash, it seems a little
>>wasteful to require a 160 bit hash that matches up with what might only
>>be 2K of data most of the time.

160 bits = 20 bytes. What is wrong with a 100-1 ratio?

And security relies on length. If you ahve a one bit hash it is trivial to
find collisions and preimages attacks. the longer the hash, the harder,
other things being equal.