The US government's custodian of cryptography standards has released two proposed changes to the SHA-2 hashing algorithm that are designed to boost performance on 64-bit systems. The tweaks, published this week (PDF) by the National Institute of Standards and Technology, would update the 512-bit version of SHA-2, which was …
"... would reduce ... the performance requirements, ... by truncating the output."
Umm, back in the old days, web browsers developed in the US received export permission by taking 128-bit SSL and using only the 40 least significant bits, weakening the crypto considerably.
How is this any different?
By a factor of 3.2
The idea isn't to use SHA-512/256 instead of SHA-512: it's to use it instead of SHA-256. So it's replacing one 256-bit hash with another 256-bit hash. Completely different scenario to replacing a 128-bit cipher with a 40-bit one.
Generating rainbow tables for this would take less time!
- Leaked screenshots show next Windows kernel to be a perfect 10
- Amazon warming up 'cheapo web video' cannon to SINK Netflix
- Something for the Weekend, Sir? I need a password to BRAKE? What? No! STOP! Aaaargh!
- Episode 13 BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
- Vulture at the Wheel Ford's B-Max: Fiesta-based runaround that goes THUNK