Hacker News new | past | comments | ask | show | jobs | submit login

Aren't there more secure hashes than SHA1 that are also faster? Like BLAKE2, which can be configured for 128 or 160 bit output?



The security of hmac is not based strictly on the collision resistance of the hashing function.

Oh, and if your HMAC seals over an origin timestamp which your API respects, you've gone and made things even harder.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: