|
|
|
|
|
|
by MerryMage
2529 days ago
|
|
|
384 is not vulnerable to length extension attacks precisely because it is truncated. The output is not he full internal state. The speed advantage of SHA-512 and the advantage of truncation is why some more exotic variants like SHA-512/256 (SHA-512 truncated to 256 bits) are used in newer protocols. |
|
|