Why is hashing done at the beginning/end

  • Nobody/Anonymous

    Hi Dominik

    you included a reference in the help file, which shows the security risk in SHA-1. So, my question is: Why is it used, to hash the password and the AES encoded data?

    I assert that my passphrase is more secure than the hashed string... It is 192 bits and uses digits, U-/Lcase letters and symbols. So I don't want to have it hashed... Of course encrypted with at least 6000 rounds, but not hashed!
    So, it would be great, if you add two checkboxes in the 'Database Settings' dialogue: hash before/after encryption.

    Thanks very much!

    • Squeller

      Squeller - 2005-04-16

      Hi nobody. Generally you need a key with a fixed length. Theres minimize of security if the application converts your pass to a 256 bit key...

      • Squeller

        Squeller - 2005-04-17

        Oops, a typo. I meant "theres NO minimization of security"

    • Nobody/Anonymous

      Hello! why would a converting to a 256 minimize the security??
      Greetz, TKC (Same as before, by the way)

    • Nobody/Anonymous

      Hello! But why would converting to a 256bit key minimize the security??
      Greetz, TKC (Same as before, BTW)


Log in to post a comment.