-----BEGIN PGP SIGNED MESSAGE----- Often we have a source of entropy whose output we use as the input to a secure hash function. Does it matter if the hashing function is secure? I don't think so. All that really matters is that the function hashes evenly so that any input string is about as likely as any other input string to result in a particular hash. Even if the hash function is weak and collisions can be found, if it is even the same level of entropy is still available. Have I got this right? Monty Cantsin Editor in Chief Smile Magazine http://www.neoism.org/squares/smile_index.html http://www.neoism.org/squares/cantsin_10.htm -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBNGi7K5aWtjSmRH/5AQHNmgf8DddkfsAzC1xTLmOn1eS8Vsxx7HgxwEOh VGpiRC2D29N+y0z9+JZltiNd298QmfvlArYRXBFAC8dKvznf6HWa/xPetW+KqebQ qOKel9hw3pfT8jeRC6G1M9oarWPjU9jOGLlv/DByCI8EcUVvb3Kk9PxdywFpT289 vEFmfDQObHH9BtQFf2hrphx8FtE8QHWIeJMcA16QfKZX/nel9pWEyaXUfE6Rvwuh 3REctj4E/uoTi4FRBjxgFx4pnraIGqg2wVA8Q/iGr41BxauBgRZ+sMZt0CH/x9cc IAKSUuY709Gme6HEqWLyMDdIDZ3Y24xbd9r3eyjFGZZYeaGwG4KowQ== =Ey6Q -----END PGP SIGNATURE-----