undefined | Better HN

0 comments

5 comments · 2 top-level

tashmahalic12y ago· 2 in thread

There's a tradeoff between collision resistance and fingerprint string length. We chose MD5 because people are comfortable with it in ssh, it's a shorter string to verify than something like SHA-256, and because we planned to make your peer's entire public key base64 available if you really wanted to go that extra mile (currently not available).

What would you prefer personally: (1) MD5 fingerprint for convenience AND entire peer public key base64 available if you really want; vs (2) just a longer SHA-256 fingerprint.

pjscott12y ago

If you just want a shorter string, I'd prefer truncated SHA-256.

tptacek12y ago

Yes, this is the correct way to get a shorter hash. Using MD5 is a terrible idea.

adam-f12y ago· 1 in thread

I'm confused by their claim of hashing and THEN salting authentication codes.

    On the server-side, we don't store the authentication
    code in plaintext. We hash it with PBKDF2 / SHA-256,
    salt it, then store it.

tashmahalic12y ago

It's a salted hash. That page is corrected, thanks.

j / k navigate · click thread line to collapse