

Show HN: crype – diffable/syncable encryption for files or shell pipes - mappu
http://code.ivysaur.me/crype.html

======
higherpurpose
SHA1 is long past its expiry date. NIST has been recommending to move away
from it since 2010, and it outright banned it last year. And when the NSA-
influenced NIST recommends something, you know you should be doing it at least
3 years earlier. Someone like NSA or even a drug cartel can pretty easily
break it now.

This is a 2 year old article:

[https://www.schneier.com/blog/archives/2012/10/when_will_we_...](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html)

If you're worried about the performance overhead of SHA2, just use Blake2,
which is actually faster than SHA1 and even MD5:

[https://leastauthority.com/blog/BLAKE2-harder-better-
faster-...](https://leastauthority.com/blog/BLAKE2-harder-better-faster-
stronger-than-MD5.html)

[http://bench.cr.yp.to/results-
sha3.html#amd64-titan0](http://bench.cr.yp.to/results-sha3.html#amd64-titan0)

[https://blake2.net/](https://blake2.net/)

~~~
mappu
Key derivation is SHA1-PBKDF2 not just SHA1, but you're right. I'll change to
something more reputable in the next version.

