Hacker News new | ask | show | jobs
by Philippe_H 2067 days ago
Well hashing is (usually) a symmetric function and we are open source... Meaning you could recover the key in the code (or intercept it during transfer). I think Private/Public key is a simpler approach, reusable elsewhere in the code and it's known to be safe. But I'm not the CTO either, I could be mistaken.
3 comments
floren 2067 days ago
Hashes aren't symmetric and don't use a key.
link
genuinebyte 2067 days ago
Here, I found this really useful to understand hashes: https://crackstation.net/hashing-security.htm
link
Philippe_H 2067 days ago
(but I think they already send it through HTTPS)
link