Jacob Bachmeyer <[email protected]> writes:

>Does the shorter output length (128 bits for MD5; 160 bits for SHA-1) cause
>problems?  Has the general advance of computing power caught up to HMAC-MD5
>and HMAC-SHA1, or do they remain secure? (Similar to how DES remains unbroken
>in the cryptanalytic sense, but its 56-bit keyspace is now vulnerable to
>brute force.)

Anything above around 2^110 is computationally infeasible for the indefinite
future (for reference, the entire global Bitcoin hash rate is 2^94 per year).

Peter.

Reply via email to