-
-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using secure fingerprint hash approach #7
Comments
@peter279k I'd be happy to accept a PR that adds all these algorithms as options. I'd suggest we keep the current default for now though, and perhaps do a later breaking release to change it. |
Hi @DivineOmega, thanks for your reply. Perhaps we can consider add this to be the What do you think about this idea? |
@peter279k We're already at v2.1.0, but yes. We could make it v3.0.0. I'd suggest we add the new fingerprint algorithms with the default kept the same, and release that as v2.2.0. |
As title, it seems that we use
MD5
andSHA-1
hashes for the connection fingerprint.But they're not safe because of collision.
To be secure, I think we can use the
SHA-2
,SHA-3
orbcrypt
(password_hash) to replace original hash approaches.@DivineOmega, what do you think about that? Thanks.
The text was updated successfully, but these errors were encountered: