NIST Retires SHA-1 Cryptographic Algorithm

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Xxhash Btrfs Smhasher btrfs-progs hash-functions

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • xxHash

    Extremely fast non-cryptographic hash algorithm

    • If you're only using the hash for non-cryptographic applications, there are much faster hashes: https://github.com/Cyan4973/xxHash

  • rfc4880bis

    • > The thing is, there doesn't seem to be any security weaknesses with the existing AE method. I have looked hard.

    Even if nobody found any concrete security issues, there might be compliance reasons not to use SHA-1, as indicated by the OP. It's easier to switch to something new than to endlessly explain to auditors that actually in this particular case the use of SHA-1 is probably fine. Also note that there's no security proof for the MDC, making it harder to convince such auditors.

    > There also doesn't seem to be any need for the AD (associated data) part.

    I personally disagree: https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/145. The linked paper explains why having AD would be useful. But I'll grant you that the crypto refresh doesn't make significant use of it yet, so it can't really be counted as an advantage for AEAD yet.

    > OCB seems to be the fastest out of all of them. If the proposal was just to add on OCB as an enhanced performance mode then I might be OK with that. Why make the people encrypting multi-TB files wait? I am mostly grumpy with the idea that we have to drop an existing well established standard for stuff like messaging and less extreme file sizes.

    I'm not sure I understand what the concrete difference would be between what you're proposing and what the crypto refresh does? It introduces a new mode and encourages its use, but doesn't disallow the use of the current mode. Also, once OCB is widely deployed, why would you want to use CFB instead of OCB?

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • dduper

    Fast block-level out-of-band BTRFS deduplication tool.

    • In some cases deduplication happens at the file system layer transparently without you even realizing it. E.g. there are tools like https://github.com/lakshmipathi/dduper

    I agree that image editing workflows are a different use case more suited to perceptual hashes than cryptographic hashes.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts