3 comments

[ 3.3 ms ] story [ 14.2 ms ] thread
Does anyone on HN use any of these hashing functions? Or sticking to SHA2 family till SHA3 finalist is announced is your strategy? Or do you simply not care at all and use SHA1 or MD5 because it's easy?
Planning on sticking with SHA2 until SHA3 has been around for a few years. I treat these things like Windows Service Packs. If I were a crypto expert (tptacek?) I might see things differently, but since I'm not, I try to thread the needle between falling too far behind, and cutting myself on the bleeding edge.
SHA1 won't kill you any time soon; people are not, despite the hype, rushing to replace designs that depend on it.

SHA256 is the conservative default for new designs.

In 4-5 years, SHA256 will probably have the same role as DES-EDE: a fundamentally sound design with unfavorable implementation properties (DES-EDE has a 64 bit block size, SHA256 has MD padding and length extension susceptibility), largely supplanted by something European.