Adding a nounce before hashing as covert channel
Rainer Perske
rainer.perske at uni-muenster.de
Wed Dec 11 17:59:55 CET 2024
Hey, you are discussing ways to circumvent the security risks of a weak hash algorithm.
That is the wrong way and only wastes time and energy.
Do NOT use a weak hash algorithm like SHA-1 at all any more.
Simply choose a strong one like SHA-2 or SHA-3.
This solution is so easy and helps much, much more than any use of salts or nonces.
Because then the problem that you are trying to fix simply does not exist at all!
Best regards
--
Rainer Perske
Systemdienste + Leiter der Zertifizierungsstelle (UCAM)
--
Universität Münster
CIT - Center for Information Technology
Rainer Perske, Systemdienste
Röntgenstraße 7-13, Raum 006
48149 Münster
Tel.: +49 251 83-31582
E-Mail: rainer.perske at uni-muenster.de
Website: www.uni-muenster.de/IT
Universitätszertifizierungsstelle Münster (UCAM):
Tel.: +49 251 83-31590
E-Mail: ca at uni-muenster.de
WWW: www.uni-muenster.de/CA
YouTube: youtube.com/@uni_muenster
Instagram: instagram.com/uni_muenster
LinkedIn: linkedin.com/school/university-of-muenster
Facebook: facebook.com/unimuenster
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6319 bytes
Desc: S/MIME cryptographic signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20241211/446a877b/attachment.bin>
More information about the Gnupg-devel
mailing list