24 Feb
2017
24 Feb
'17
7:43 p.m.
Hi, There is a sha1 collision detection library at: https://github.com/cr-marcstevens/sha1collisiondetection
Given that algorithms like sha1 are notoriously hard to phase out, does it make sense for nettle to add support for collision detection, in effect giving applications the option to switch to a mode where a known to be insecure hash is enabled, but with such collision detection mitigations in place.
Does something like the above library make sense to be added to nettle?
regards, Nikos