LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Off-the-Record plugin, SHA-1 or SHA-2? (https://www.linuxquestions.org/questions/linux-security-4/off-the-record-plugin-sha-1-or-sha-2-a-815250/)

madbullet 06-20-2010 05:22 AM
Off-the-Record plugin, SHA-1 or SHA-2?
 
Hey everyone at LQ,

I’ve being digging around the net for some clarification about the Off-The-Record plugin for Pigdin (and other IM's).
Basically i want to know if it uses the SHA-1 or SHA-2 hash function. Some might say i’m wearing my tin foil hat but the SHA-1 was cracked in 2005 and as far as i know SHA 2 is much more secure.

Wikipedia states it's SHA 1 and the authors of the OTR plugin mention both SHA-1 and SHA-2 in their documentation, and i couldn’t find an active pidgin forum (could only find the archived pigdin forums on sourgeforge)

Unless their's a better method to use IM securely?

Cheers guys.

Merriwell

scheidel21 06-21-2010 09:28 AM
What are you talking about that you want encrypted....j/k. Perhaps they have built in SHA-2 in the newest plugin version. Why not try contacting one of the authors? Even though SHA-1 has been broken all encryption is not infallible and eventually breakable so SHA-1 may be work it for you.


All times are GMT -5. The time now is 11:41 AM.