cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ericgeater
Community Champion

Preferred hashing tools

What software tools do you use for performing file hashes?  And when you hash, are you especially careful to use SHA256, or do you use MD5?

-----------
A claim is as good as its veracity.
3 Replies
AppDefects
Community Champion

No comment on commercial tools Smiley Wink since our shop builds and integrates software. We rely heavily upon hash function guidance provided by NIST. Specifically, we reference FIPS 202, which specifies the new SHA-3 family of permutation-based functions based on KECCAK as a result of the “SHA-3” Cryptographic Hash Algorithm Competition.

 

FIPS 202 specifies:

 

  • Four fixed-length hash algorithms: SHA3-224, SHA3-256, SHA3-384, and SHA3-512; and
  • Two closely related, “extendable-output” functions (XOFs): SHAKE128 and SHAKE256.

Currently, only the four fixed-length SHA-3 algorithms are approved hash algorithms, providing alternatives to the SHA-2 family of hash functions. 

 

A lot of these algorithms have found their way into the Legion of the Bouncy Castle Java cryptography APIs and FIPS mode "jars" so that makes including the functions easy.

ericgeater
Community Champion

Thanks, by the way!

-----------
A claim is as good as its veracity.
Baechle
Advocate I

Hashdeep/md5deep if I am doing manual hashes.

I run MD5 AND SHA-256.

Possible collisions on one or the other. Collisions from two different algorithms? There isn’t a number big enough to define the odds.

-Eric