Am Donnerstag, 21. September 2006 16:49 schrieb Vlastimil Babka:
> Although the "more secure than MD5" part is now questionable, I suppose
> the "directly available in python" part still holds?
From "What's new in python 2.5"
13.3 The hashlib package
A new hashlib module, written by Gregory P. Smith, has been added to replace
the md5 and sha modules. hashlib adds support for additional secure hashes
(SHA-224, SHA-256, SHA-384, and SHA-512). When available, the module uses
OpenSSL for fast platform optimized implementations of algorithms.
The old md5 and sha modules still exist as wrappers around hashlib to
preserve backwards compatibility. The new module's interface is very close to
that of the old modules, but not identical. The most significant difference
is that the constructor functions for creating new hashing objects are named
I think sha256/512 is the only thing that makes sense at the moment, as it
most probably will stay secure for quite a while and we don't have real
alternatives. So imho use sha256, get rid of everything else, because that
rarely improves security, and wait for the nist to define something new
(which will happen, but probably take some years from now).