
June 30, 2004
11:30 a.m.
On Wed, Jun 30, 2004 at 10:15:24AM +0100, Michael Hudson wrote:
> Nevertheless, am I right to still believe that there are no known distinct strings which even MD5 to the same hash?
Correct. One significant reason for the larger SHAs is to generate 256-bit keys for AES encryption; it's better to have a larger hash than to take a smaller one and replicate portions of it. But, given that we're not going to include AES in the Python stdlib, people will have to download a separate library anyway. This library could include SHA256, so this application isn't a compelling reason to add SHA256 to the stdlib. It would be different if there were existing protocols that need the larger hash, such as HTTP digest auth; are there any?

--amk