SHA-1 replacement

Florian Weimer fw at deneb.enyo.de
Mon Aug 29 13:07:06 CDT 2005


* Wojciech Milkowski:

> yet another SHA-1 freak'n post ;)
>
> We already discussed that SHA-1 is still suitable for Mercurial, but I'm 
>  just curious what do you think about that, as an eventual future 
> replacement: http://www.cs.technion.ac.il/~biham/Reports/Tiger/

Any algorithm which is not based on some theory is not worth the
trouble of switching, IMHO.

Unfortunately, the only cryptographic hash functions for which there
is some published theory are based on operations on large integers,
and are much slower than SHA-1 as a result.  The slowdown is in the
order of one to two magnitudes, which might be unacceptable.


More information about the Mercurial mailing list