The US government's custodian of cryptography standards has released two proposed changes to the SHA-2 hashing algorithm that are designed to boost performance on 64-bit systems. The tweaks, published this week (PDF) by the National Institute of Standards and Technology, would update the 512-bit version of SHA-2, which was …
"... would reduce ... the performance requirements, ... by truncating the output."
Umm, back in the old days, web browsers developed in the US received export permission by taking 128-bit SSL and using only the 40 least significant bits, weakening the crypto considerably.
How is this any different?
By a factor of 3.2
The idea isn't to use SHA-512/256 instead of SHA-512: it's to use it instead of SHA-256. So it's replacing one 256-bit hash with another 256-bit hash. Completely different scenario to replacing a 128-bit cipher with a 40-bit one.
Generating rainbow tables for this would take less time!