Page 1 of 1

SHA-512/1024

Posted: Sun Feb 12, 2006 3:32 am
by feyd
I'll be starting work on building new, pure php versions of SHA-512 and likely SHA-1024 for an upcoming project (i.e. framework). Although I don't have them done yet, nor have I really started on them, I do have plans to build them soon. What timeframe that actually means is beyond me, but I hope to have them either this month or next.

I'm wondering how many of you would like to get at these classes prior to the release of said framework?

I will also be re-engineering my SHA-256 class to both accommodate the new class structure, but also to simplify its use and promote interchanability between using 256, 512, 1024 or some future hashing construct including non-SHA based hashing routines. The first release(s) will be built against PHP 5.1+ (Strict), but I will make a backport to PHP 4.x (exact compatibility limit indeterminent as of now).

Any questions, feel free to ask. As always, I (we) will try to answer them as best we can.

Posted: Sun Feb 12, 2006 4:09 am
by AKA Panama Jack
You need to add a "Nope, never going to need it." selection. :)

Re: SHA-512/1024

Posted: Sun Feb 12, 2006 9:14 am
by Roja
feyd wrote:I'm wondering how many of you would like to get at these classes prior to the release of said framework?
I'm a patient one. As long as the existing sha-256 class remains available, any future improvements are just gravy.

As to the backport/compat issue, I can't run it if its php5-only, so I'm definitely all for the backport. :)

Posted: Sun Feb 12, 2006 9:53 am
by Chris Corbyn
:) Sweet!

As for me... I'm all PHP5 now and no PHP4 so it makes little difference to me to be backward compatible. Most people are still using 4 though afaik, haven't checked that stats recently.

Posted: Sun Feb 12, 2006 1:09 pm
by josh
I'm perfectly fine with only 256, but I would gladly update if you did release it, I see the added security as a bonus (256 is already sufficient)

Posted: Sun Feb 12, 2006 1:28 pm
by d3ad1ysp0rk
I don't see a problem with making 512/1024 PHP5+ only. If need be, they can use SHA-256, which is perfectly fine.

If they are that worried about security, and NEED to use something stronger, than they can also spend the hour or so upgrading PHP.

Posted: Mon Feb 13, 2006 5:49 am
by phpScott
sha-256 is still secure enough for my needs but I could barely wait to see what you come up with next.

Posted: Mon Feb 13, 2006 6:22 am
by Jenk
AKA Panama Jack wrote:You need to add a "Nope, never going to need it." selection. :)
It's there, it's called "The Back Button" :)

Posted: Mon Feb 13, 2006 11:48 am
by josh
You can't rely on the absence of a vote as a vote for "no", that would produce inaccurate results

Posted: Mon Feb 13, 2006 12:27 pm
by Roja
jshpro2 wrote:You can't rely on the absence of a vote as a vote for "no", that would produce inaccurate results
In this case, people who have no need for it have no impact on the question. Whether Feyd delays the release or not, someone who doesn't need it at all won't care either way.

Hence, the back button *is* the correct answer for those few individuals, and it doesn't produce inaccurate results - because Feyd wasn't asking how many people need it. He was asking when the people that DO need it need it by.

Posted: Mon Feb 13, 2006 1:14 pm
by feyd
that's why I chose the words I did. :) If people don't care about a very high level security hash then this doesn't concern them. It's mildly surprising they would read the thread at all considering the title. :lol:

Posted: Mon Feb 20, 2006 8:19 pm
by pennythetuff
I'm an avid user of the 256 script. It'd be great to see 256/512/1024 all in the same script. I work with a wide range of PHP environments since I freelance so a backport would be truly amazing.