Cryptographic hash functions in Python
I am writing a Python program for elliptic curve cryptography (for school and no interest). I am currently working on a digital signature algorithm. I am currently looking for a good and secure hashing function that is standard Python or can be easily downloaded and imported. I was thinking about SHA256 since it's the only thing I know that hasn't broken yet (as far as I know). However, I also read that SHA should not be used for cryptography. Is SHA256 suitable for digital signature algorithm? Or should I use a different hashing function? If so, which one would be a good choice?
source to share
I am using SHA-512 for a similar purpose, I think it will be difficult for you to achieve much more security than that. SHA-512 is available in python hashlib and can be used like this:
import hashlib
hashGen = hashlib.sha512()
hashGen.update("What you want to hash")
hash = hashGen.hexdigest()
print "your hash is: ", hash
source to share
The best standardized algorithm currently available is still SHA-2. SHA-2 now consists of 6 hash functions: SHA-256, SHA-384 and SHA-512 were first defined. SHA-224 was later added to provide a smaller output size. Since then, the less accessible SHA-512/224 and SHA-512/256 have been introduced.
SHA-2 mainly consists of 32-bit oriented SHA-256 variants - SHA-256 and SHA-224 - and 64-bit SHA-512 variants - others. The performance of SHA-512 variants may actually be better on 64-bit machines, which is why SHA-512/224 and SHA-512/256 came along. Basically the SHA-256 / SHA-512 variants differ only in the constants they use internally and the number of bits used as the output size. Some new Intel and AMD SHA processors that only accelerate SHA-256 but not SHA-512 may again shift the SHA-256 preference for speed.
During the SHA-3 competition, it turned out that SHA-2 is still pretty strong even though SHA-1 is under attack. I would suggest only looking at other hashes if SHA-2 is under attack or if better hashing algorithms are standardized and used.
From Wikipedia:
In 2005, security flaws were identified in SHA-1, namely that a mathematical weakness may exist, indicating the desirability of a stronger hash function. [6] Although SHA-2 shares some similarities with SHA-1, these attacks have not been successfully extended to SHA-2.
Note that SHA-2 uses a significantly more complex rounding function than SHA-1. So while it has a similar structure (both so-called Merkle-Damgard hash codes), SHA-2 can be much more robust than SHA-1 against attacks nonetheless.
source to share