> Yes, SHA2 will also become weak eventually - so then you bump it again.
I disagree here. I doubt SHA2 or any modern hash will become weak within our lifetime. JP Aumasson, who is one of the experts of the field, agrees with me on that:
https://twitter.com/veorq/status/834872988445065218
It's funny because in that Twitter thread this[0] is linked:
Reactions to stages in the life cycle of cryptographic hash functions
Stage | Expert reaction | Programmer reaction | Non-expert ("slashdotter") reaction
---------------------+---------------------------------------------+-------------------------------------------------+----------------------------------------
... | ... | ... | ...
General acceptance | Top-level researchers begin serious work on | Even Microsoft is using the hash function now | Flame anyone who suggests the function
| finding a weakness (and international fame) | | may be broken in our lifetime
Just to be clear: I don't doubt JP Aumasson's reasons to believe so. I doubt yours because as far as I can tell it's basically argument from authority ("JP Aumasson said so!")
I disagree here. I doubt SHA2 or any modern hash will become weak within our lifetime. JP Aumasson, who is one of the experts of the field, agrees with me on that: https://twitter.com/veorq/status/834872988445065218