Using a truncated SHA-512/256 also has the advantage of being considerably faste... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		koolba on Feb 25, 2017 \| parent \| context \| favorite \| on: Lifetimes of cryptographic hash functions Using a truncated SHA-512/256 also has the advantage of being considerably faster than SHA-256 on 64-bit CPUs. The performance difference is close to 50%. As such, I see no reason to use SHA-256 for anything[1], you're better off just using SHA-512/256 as the net storage is the same as well (32-bytes). [1]: Assuming you're running on a 64-bit platform...

kobeya on Feb 26, 2017 [–]

For hashing large data, yes. For password derivation schemes or hash trees, no. SHA512 is only faster per byte because the block size is larger. SHA256 has faster rounds.

koolba on Feb 26, 2017 | [–]

If you're using SHA-anything for hashing passwords you're doing it wrong.

kobeya on Feb 26, 2017 | | [–]

Industry standards like PBKDF2 use hash functions like SHA internally.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact