blabla1337 / skf-flask

Security Knowledge Framework (SKF) Python Flask / Angular project
https://www.securityknowledgeframework.org
Apache License 2.0

Update text about password hashes #720

Closed david-a-wheeler closed 3 years ago

david-a-wheeler commented 3 years ago

Update the text about adaptive (iterated) cryptographic hash functions.

The old text failed to mention Argon2id (which is generally preferred today), and falsely suggested that all algorithms have identical security characteristics (which is not true). Instead, list the 4 commonly-used algorithms and explain their pros/cons.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>

blabla1337 commented 3 years ago

Thanks, David, for this fix. Also, for your information, we consume this KB item from the CWE database, so it should also be updated there. Do you maybe know someone over there so we can send the update back to them as well?