Cryptography Reference
In-Depth Information
Hash functions should have at least 160-bit output length in order to withstand
collision attacks; 256 bit or more is desirable for long-term security.
MD5, which was widely used, is insecure. Serious security weaknesses have
been found in SHA-1, and the hash function should be phased out. The SHA-
2 algorithms all appear to be secure.
The ongoing SHA-3 competition will result in new standardized hash functions
in a few years.
