Security Basics: MD5-Hash of a SHA-1-Hash unsecure?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

MD5-Hash of a SHA-1-Hash unsecure?

From: "Andre Pawlowski" <sqall () h4des org>
Date: Fri, 05 Dec 2008 09:19:25 +0100

Hey guys,

I've written a program which can store files encrypted (http://h4des.org/index.php?inhalt=kastalia ). The user enters apassword when he wants to encrypt a file. The programm makes aSHA-1-Hash of this password and transfers it from the browser to theserver. When the encryption starts, the program makes a MD5-Hash ofthis SHA-1-Hash for the IV of the blowfish algorithm.


Here is my question: Is it less secure when I make a MD5-Hash of a SHA-1-Hash?

Regards,

--
[] Andre Pawlowski

visit http://h4des.org

By Date By Thread

Current thread:

MD5-Hash of a SHA-1-Hash unsecure? Andre Pawlowski (Dec 05)
- RE: MD5-Hash of a SHA-1-Hash unsecure? David Gillett (Dec 08)
  - Re: MD5-Hash of a SHA-1-Hash unsecure? Andre Pawlowski (Dec 08)
- Re: MD5-Hash of a SHA-1-Hash unsecure? Alexander Klimov (Dec 08)
- <Possible follow-ups>
- Re: MD5-Hash of a SHA-1-Hash unsecure? jason . gerfen (Dec 05)
- Re: MD5-Hash of a SHA-1-Hash unsecure? Tom Ritter (Dec 08)