On Tue, Feb 10, 2004 at 04:23:22PM -0800, Hallam-Baker, Phillip wrote:
> Use SHA-1
> The probability of collision between two given hashes is 2^160.

I thought it is more like the sqrt of this---2^80.
But I do not understand this discussion at all: since a timestamp is
also part of the scheme, and assuming no bounce older than a month is
accepted, is not MD5 more than sufficient (collision probability is
2^64)? Especially if several secrets are used. Any site can easily
calculate the number of secrets needed: look at the maximum number of
emails the site can receive in one second (assuming the timestamp is
in seconds).
Mate