Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Also, are there newer cryptosystems emerging?
Where can I find out about new cryptosystems?
I read that the latest state of the art crypto system is the AES-128, are there better ones to use in .NET applications?
-
SecretSoftware
Code to live, but Live to code.
-
blowdart
Peek-a-boo
SecretSoftware wrote:Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Cracked? They've proved collisons but only for some documents. It's not like you can edit a message then regenerate the same hash easily.
-
SecretSoftware
Code to live, but Live to code.
blowdart wrote:
SecretSoftware wrote:Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Cracked? They've proved collisons but only for some documents. It's not like you can edit a message then regenerate the same hash easily.
Read this wikipedia article:
Chinese researchers crack major U.S. government algorithm used in digital signatures -
W3bbo
Work hard; increase production; prevent accidents, and be happy.
SecretSoftware wrote:blowdart wrote: SecretSoftware wrote:Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Cracked? They've proved collisons but only for some documents. It's not like you can edit a message then regenerate the same hash easily.
Read this wikipedia article:
Chinese researchers crack major U.S. government algorithm used in digital signatures
As far as storing password hashes (with salts) in databases are concerned, they're still perfectly safe (and the added salt renders any kind of brute-forcing nigh on impossible anyway)
The only thing to be concerned about is using SHA-1 for file integrity checksums and signatures.
-
ZippyV
Fired Up
Like the article says: use sha-256.
-
SecretSoftware
Code to live, but Live to code.
But why not change the Algorithms with newer ones?
I mean the chinese researcher just went from one key length to the bigger keylength, using the same methods that they used to break the one with smaller key length, using normal computers (not super computers).
So it means that the algorithm is no good.
Generally, when will new algorithms be made? Or are there already newer ones?
Computers are getting powerfull in computations. -
Sven Groot
I'm Commander Shepard and this is my favourite store on the Citadel.
SecretSoftware wrote:But why not change the Algorithms with newer ones?
Because coming up with a good cryptographic algorithm that meets all the required properties is incredibly hard and only a handful of mathematicians can actually do it? -
W3bbo
Work hard; increase production; prevent accidents, and be happy.
SecretSoftware wrote:what are the required properties?
Doctorates in Mathematics and Cryptography, good knowledge of Entropy and Chaos Theory, and many years of industry experience or academic research.
SecretSoftware wrote:And mathematicians like who ?
Mathematicians unlike us.
-
SecretSoftware
Code to live, but Live to code.
Sven Groot wrote:
SecretSoftware wrote:But why not change the Algorithms with newer ones?
Because coming up with a good cryptographic algorithm that meets all the required properties is incredibly hard and only a handful of mathematicians can actually do it?
what are the required properties? And mathematicians like who ?
I am checking the Journals because cryptography and stegonography are interesting mathematically speaking.
But I think there needs to be newer crypto-systems with new Hashing algorithms to use now because computers are more powerfull nowadays.
What is your most trusted Hashing algorithm and crypto-system that you use in your Client/Server applications without thinking twice about it?
-
SecretSoftware
Code to live, but Live to code.
W3bbo wrote:
SecretSoftware wrote:what are the required properties?
Doctorates in Mathematics and Cryptography, good knowledge of Entropy and Chaos Theory, and many years of industry experience or academic research.
SecretSoftware wrote:And mathematicians like who ?
Mathematicians unlike us.
So why not come up with one for us webbo? It should be interesting to see what you come up with
But seriously though, why have we not seen newer ones emerging every few months, espcially when there are nerds cracking the existing ones?
At least , I think there are capable mathematicians in MS that should have been producing new hashing algorithms for us.
-
Like W3bbo says, mathematicians unlike us. It takes a great deal of skill and experience to design an algorithm that isn't flawed in some way. It's better to leave that to the experts.
-
SecretSoftware
Code to live, but Live to code.
Do new Hash systems and crypto systems get released only when existing ones are broken totally? Or what is the factor affecting this? How often do these super mathematicians release newer , more secure hashing functions and crypto-systems to the world?
Its been quite some time since newer Hashing functions and cryptosystems were released for public use. -
staceyw
Before C# there was darkness...
SecretSoftware wrote:Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Also, are there newer cryptosystems emerging?
Where can I find out about new cryptosystems?
I read that the latest state of the art crypto system is the AES-128, are there better ones to use in .NET applications?
AES is not a hash, it is crypto algo (.Net has aes/Rijndael) For hashes, .Net already has sha1, sha256, sha384, sha512, md5, ripemd160, and keyedhashes. You need more? -
blowdart
Peek-a-boo
SecretSoftware wrote:
blowdart wrote: SecretSoftware wrote:Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Cracked? They've proved collisons but only for some documents. It's not like you can edit a message then regenerate the same hash easily.
Read this wikipedia article:
Chinese researchers crack major U.S. government algorithm used in digital signatures
Like I said, they discovered collisons. Which aren't that useful. And the collisons were already known about, they just developed a way to speed it up.
-
SecretSoftware
Code to live, but Live to code.
staceyw wrote:
SecretSoftware wrote:Are there new Hashing algorithms emerging? I know SHA-1 has been cracked, but are there newer ones being formulated?
Also, are there newer cryptosystems emerging?
Where can I find out about new cryptosystems?
I read that the latest state of the art crypto system is the AES-128, are there better ones to use in .NET applications?
AES is not a hash, it is crypto algo (.Net has aes/Rijndael) For hashes, .Net already has sha1, sha256, sha384, sha512, md5, ripemd160, and keyedhashes. You need more?
As I said, AES-128 is a cryptosystem.
Yes I want more. If Sha1 is broken, it means Sha algorithm is compromoised and its only a matter of time to break SHA512, just like going from MD4 to MD5.
Totally newer more complex ones should be made as fast as older ones are being broken. People will lose trust in these algorithms because they cannot be sure that their cryptographical hash is secure. You loose confidence.
-
stevo_
Human after all
Out of interest, how do you link SHA1 being compromised making SHA completely compromised too?
-
SecretSoftware
Code to live, but Live to code.
stevo_ wrote:Out of interest, how do you link SHA1 being compromised making SHA completely compromised too?
SHA-2 variants, are algorithmically similar to SHA-1
-
SecretSoftware
Code to live, but Live to code.
Apparently people are working on new ones
FORK-256, DHA-256, and VSH.
And
Successor to the throne.
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.