The US government's custodian of cryptography standards has released two proposed changes to the SHA-2 hashing algorithm that are designed to boost performance on 64-bit systems. The tweaks, published this week (PDF) by the National Institute of Standards and Technology, would update the 512-bit version of SHA-2, which was …
"... would reduce ... the performance requirements, ... by truncating the output."
Umm, back in the old days, web browsers developed in the US received export permission by taking 128-bit SSL and using only the 40 least significant bits, weakening the crypto considerably.
How is this any different?
By a factor of 3.2
The idea isn't to use SHA-512/256 instead of SHA-512: it's to use it instead of SHA-256. So it's replacing one 256-bit hash with another 256-bit hash. Completely different scenario to replacing a 128-bit cipher with a 40-bit one.
Generating rainbow tables for this would take less time!