Is SHA-512 safe? It was developed by the NSA. Could the NSA have developed SHA-512 with vulnerabilities on purpose in order to backdoor easier? Is Veracrypt working with the NSA??
lmao fucking retard
>>54465624
that's not very nice, and doesn't help me at all :( I think you're looking for /b/
>>54465595
leave
>>54465634
>doesn't know what a backdoor is
>uses veracrypt
>uses windows
I think you're the one who is looking for /b/
No, this is not possible. They either decrypt your files which will take years or bruteforce your password.
Seriously though, is SHA-512 a secure hashing algorithm or should I be using SHA3-512 instead?
>>54465654
ok thank you anon :) I didn't expect cyber-bullies in here, I thought they were all in /b/
>>54465661
>should I be using SHA3-512 instead
consider SHAKE256 instead my friend.
>>54465676
You use windows. Who cares if the encryption is backdoored because they already have your key. That's why the other anon called you a retard
SHA-512 is a botnet. You need to use GNU/SHALALALA-16777216.
>>54465595
>even thinking that you could hide data from nsa
>even thinking
>>54466158
which brings us back to the point what is safe to use (hardware, os, software etc)?
>>54466076
Nice sources m8
MD5 is generally considered the best and it is web standard which works well with PHP
>>54466433
>he doesn't know how to use alta vista to find sources himself
it's 2016 ffs
>>54465595
If you are using Windows they have your key. Use a Linux based operating system with dmcrypt/LUKS.
>>54466268
if you want to hide from nsa/us government paper and pen in a thermite rigged safe
if you want to hide from 2./3. world country linux distribution with luks
if you want to hide from 1337 haxxors and general humans bitlocker
>>54466470
>MD5
susceptible to collision attacks.
Get raped and kill yourself, you retarded fucking faggot sack of shit with down syndrome.
>>54465640
OP and I are gonna stay and there's literally nothing you can do about it.
Cry more
>>54465634
Urafaget
>>54465595
Use TrueCrypt m8
https://www.grc.com/misc/truecrypt/truecrypt.htm
>>54465595
Well, I'd probably trust SHA-3 more, but I'd be comfortable with SHA-512 for a while.
The basic design primitives in sha-512 are the same as SHA-1, which is why when some progress was made on cryptanalysis of SHA-1 it was thought that problems in sha-512 would soon be found, but this hasn't happened yet.
So, I'd tentatively trust sha-512 but go for sha-3 when there's an option.
just use MD5 and save this dying planet you unbearable jew
>>54466721
>the pen has tracking software that takes the angle and records it so that the words can be recovered from memory
>>54465595
At present it seems so, except for length-extension (which affects all vanilla Merkle-Damgård constructions). That can in fact be mitigated by using SHA-512 and truncating it to 384 bits.
However, if you're doing something new, pick a new hash instead. Particularly I would suggest BLAKE2b as being an excellent all-rounder that emerged from the aftermath of the SHA-3 competition: more secure than the SHA-2 family, and faster than SHA-2, SHA-1 and even MD5. It really is quite excellent. There's an RFC and high-performance public-domain reference implementations. b2sum is already out there. There's a tree hash as well, although CFRG may specify a more advanced flexible tree hash format (would be nice to replace TTH/THEX wherever it lives, as TIGER192 is really getting on now).
If you need an arbitrary-length output (technically an XOF not a hash), you could also consider SHAKE256, which >>54466036 suggested and is reasonable. We're using that in the Ed448-Goldilocks elliptic curve signature function that CFRG are specifying, because we need a longer output than hashes normally. The Keccak sponge function is quite a bit slower in software than BLAKE/BLAKE2's AVX transforms, but performs well in hardware. I do not however expect CPUs to routinely Keccak blocks in the near future - it has a 1600-bit state, and that's a bit unwieldy for something you rarely use in many cases.
Surprisingly - perhaps, uniquely - it seems the NSA never pulled any stupid bullshit with their hashes. It seems looking back they really did put their best into it, and it was never export-controlled: perhaps because they didn't consider it to be used for encryption, as such. The SHA-0 -> SHA-1 diff (adding a rot) hardened it considerably against the best attack later discovered, although perhaps they weren't aware of the extent. SHA-2 still seems pretty good considering - there is no rush to replace it.
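Added example, not part of the post above: a Python sketch of the three options that post names (SHA-512 truncated to 384 bits, BLAKE2b, SHAKE256) using only the standard `hashlib`, showing how outputs of different lengths relate for each primitive. The key, message and function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = bytes(range(32))       # constructed sample key, not a real secret
MSG = b"volume-header-v1"    # constructed sample message


def sha512_trunc384(data: bytes) -> bytes:
    """SHA-512 cut to 384 bits: 128 bits of the final chaining state stay hidden."""
    return hashlib.sha512(data).digest()[:48]


def blake2b_mac(key: bytes, msg: bytes, size: int = 48) -> bytes:
    """BLAKE2b in its built-in keyed mode (key of up to 64 bytes)."""
    return hashlib.blake2b(msg, key=key, digest_size=size).digest()


def shake256(data: bytes, size: int) -> bytes:
    """SHAKE256 as an XOF: the caller picks the output length."""
    return hashlib.shake_256(data).digest(size)


def verify(expected: bytes, candidate: bytes) -> bool:
    """Compare two tags in constant time."""
    return hmac.compare_digest(expected, candidate)


def length_relations(data: bytes) -> dict:
    """Report how outputs of different lengths relate for each primitive."""
    b2_short = hashlib.blake2b(data, digest_size=32).digest()
    b2_long = hashlib.blake2b(data, digest_size=64).digest()
    return {
        # Truncated SHA-512 is not SHA-384: SHA-384 starts from different initial values.
        "trunc384_equals_sha384": sha512_trunc384(data) == hashlib.sha384(data).digest(),
        # A shorter SHAKE256 output is a prefix of a longer one over the same input,
        # so the requested length gives no domain separation by itself.
        "shake_short_is_prefix": shake256(data, 64).startswith(shake256(data, 32)),
        # BLAKE2b feeds digest_size into its parameter block: lengths are independent.
        "blake2b_short_is_prefix": b2_long.startswith(b2_short),
    }


if __name__ == "__main__":
    print(length_relations(MSG))
    tag = blake2b_mac(KEY, MSG)
    print(verify(tag, blake2b_mac(KEY, MSG)), verify(tag, blake2b_mac(KEY, MSG + b"x")))
```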
>>54466470
MD5 is broken. Do not use. Same with SHA-1. Results coming soon.