| From: | "Chad Wagner" <chad(dot)wagner(at)gmail(dot)com> |
|---|---|
| To: | "Ezequias Rodrigues da Rocha" <ezequias(dot)rocha(at)gmail(dot)com> |
| Cc: | PostgreSQL <pgsql-sql(at)postgresql(dot)org> |
| Subject: | Re: SHA-1 vs MD5 |
| Date: | 2007-03-08 14:52:29 |
| Message-ID: | 81961ff50703080652o41274e2djc5b789fb4da9bd27@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
On 3/8/07, Ezequias Rodrigues da Rocha <ezequias(dot)rocha(at)gmail(dot)com> wrote:
>
> I really don't have the pgcrypto. It could be a nice alternative. Could
> you tell me the steps to install it ?
This should help you out:
http://www.postgresql.org/docs/8.2/static/external-extensions.html
http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/README?rev=1.91;content-type=text%2Fplain
I am very concerned about security in my application becouse we are going to
> moviment a large ammount of information and money. As much i take care of it
> as good.
SHA1 and MD5 are hashing algorithms, they are typically used for passwords
and in conjunction with public key encryption or over-the-wire encryption to
sign the message. If you are really concerned about security, you may want
to hire an experienced person in the security engineering field. Especially
if you are talking about financial information.
I know some problem of MD5 and know it is very good too. If someone could
> tell me where MD5 is used I could be more relaxed.
The impression I get is that SHA-256, SHA-384, or SHA-512 are the preferred
hashing algorithms, but I really don't keep up on it. Many many password
systems use MD5, I think it is reasonably safe.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Toombs | 2007-03-08 18:01:51 | A form of inheritance with PostgreSQL |
| Previous Message | Ezequias Rodrigues da Rocha | 2007-03-08 11:39:26 | Re: SHA-1 vs MD5 |