|
|
|
|
|
|
by dnet
2353 days ago
|
|
|
That's only relevant if you're using it to make signatures, thus you can make two inputs that hash to the same digest, and signing that digest creates a signature that's valid for both inputs. In this case, the only threat model might be brute forcing the answer, but that applies to SHA-2 as well, since both are designed to be fast so that you can hash gigabytes in reasonable well. For that, something memory-hard such as Argon2 should be used. |
|
|