Re: Security of truncated hash functions

On Wed, Aug 02, 2006 at 12:13:49PM -0400, David Shaw wrote: > On Sat, Jul 29, 2006 at 07:26:18PM +0930, Alphax wrote: > > Qed wrote: > > > Suppose you need a 160 bit digest. > > > You can choose RIPEMD160/SHA1 or a truncated version of a bigger one > > > (e.g.: SHA2 family). > > > Which solution wo

Re: Security of truncated hash functions

On Sat, Jul 29, 2006 at 07:26:18PM +0930, Alphax wrote: > Qed wrote: > > Suppose you need a 160 bit digest. > > You can choose RIPEMD160/SHA1 or a truncated version of a bigger one > > (e.g.: SHA2 family). > > Which solution would be safer? > > Is a digest algo designed for a given length stronger

Re: Security of truncated hash functions

Qed wrote: > Suppose you need a 160 bit digest. > You can choose RIPEMD160/SHA1 or a truncated version of a bigger one > (e.g.: SHA2 family). > Which solution would be safer? > Is a digest algo designed for a given length stronger than a truncated > longer one? > Since you're asking about 160-bit

Re: Security of truncated hash functions

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Qed wrote: > Which solution would be safer? Assuming an idealized hash function, they're of equal strength. If each bit of the hash algorithm is effectively random with a 50/50 distribution, then a truncated hash is just as good as a full-size hash

Security of truncated hash functions

-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Suppose you need a 160 bit digest. You can choose RIPEMD160/SHA1 or a truncated version of a bigger one (e.g.: SHA2 family). Which solution would be safer? Is a digest algo designed for a given length stronger than a truncated longer one? I googl