Re: MessageDigest Length

sean@onset.com.au wrote:
> Does anyone know if there is a way of setting the length of the hashed
> value returned from a message digest?

There isn't, but in general a good message digest spreads all the
information over all the bits of the result. So you can just cut stuff
off of the message digest. In protocols, you generally take the first
bytes from the returned byte array (e.g. within Key Generation or 4 byte
3DES MAC).

Maarten

On Sat, 22 Mar 2008 16:25:42 +0100, Maarten Bodewes
<maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone
who said :
 

There is not much point in generating a 256 bit digest then using only
the first 16 bits.  You can same yourself considerable CPU cycles by
generating a 16 bit digest directly .

Just pick an algorithm with the size you want. For a list of
algorithms see http://mindprod.com/jgloss/digest.html

Short ones are usually called "checksums".

--

Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com

Roedy Green wrote:
> On Sat, 22 Mar 2008 16:25:42 +0100, Maarten Bodewes
> <maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone
> who said :
> 
>
> There is not much point in generating a 256 bit digest then using only
> the first 16 bits.  You can same yourself considerable CPU cycles by
> generating a 16 bit digest directly .
>
> Just pick an algorithm with the size you want. For a list of
> algorithms see http://mindprod.com/jgloss/digest.html
>
> Short ones are usually called "checksums".
>

That's the worst advice I've seen for years. The strength is in the
algorithm mostly, not in the length of the value that you use. A CRC
does not provide cryptographic security *at all*. Of course, you cannot
delete bits without destroying the chances of creating hash collisions,
but at least you would not be able to just calculate them.

Actually, you should not be posting here if you know this little about
cryptography.

Regards,
Maarten