
They are strictly better in theory. However, you should keep in mind that SHA-2 is much more battle-tested over the years.



The construction used in SHA-2 is in part inherited from SHA-1, which inherits from MD5, which inherits from MD4. The only hash in that list that doesn't have a scary research finding is SHA-2. There is a general unease about the family of hashes SHA-2 is in (but that doesn't necessitate unease about SHA-2 itself).

SHA-2 also has length-extension, which isn't a hash flaw per se, but is something you have to know about if you're building cryptosystems with the hash (as opposed to using something off-the-rack like HMAC).

If you are using HMAC, you really don't need to worry much about which hash you're using. There is to my knowledge no practical attack against HMAC-MD5.



