besser82/libxcrypt

support SM3 hash algorithm

Closed this issue · 3 comments

Do we have plans to support the SM3 algorithm? Libgcrypt already supports SM3.

I hope not! SM3 is a fast hash, not a password hash, and it would be a vulnerability to directly use it for passwords.

Is SHA256 a vulnerability to directly use for passwords?
The SM3 algorithm is an improved algorithm based on SHA-256. The compression function of the SM3 algorithm has a similar structure to the compression function of SHA-256, but the design of the SM3 algorithm is more complicated. For example, each round of the compression function uses 2 message words.

> Is SHA256 a vulnerability to directly use for passwords?

Yes, of course!
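Added example, not part of the thread or of libxcrypt's code: a comparison of using SHA-256 directly on a password with a salted, iterated construction built on the same hash. PBKDF2 stands in here for a password hash; the iteration count, salt size and the `iterations$salt$digest` storage format are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Assumed parameters for this illustration, not values taken from libxcrypt.
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16


def fast_hash(password: str) -> str:
    """Direct use of a fast hash: no salt, one SHA-256 computation per guess."""
    return hashlib.sha256(password.encode()).hexdigest()


def password_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, iterated hash stored as 'iterations$salt$digest' (hypothetical format)."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"{PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, stored: str) -> bool:
    """Recompute with the stored salt and cost, then compare in constant time."""
    iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def cost_ratio(password: str = "constructed-sample-password") -> float:
    """Fast-hash computations that fit in the time of one password-hash computation."""
    start = time.perf_counter()
    password_hash(password)
    slow = time.perf_counter() - start
    rounds = 10_000
    start = time.perf_counter()
    for _ in range(rounds):
        fast_hash(password)
    fast = (time.perf_counter() - start) / rounds
    return slow / fast
```

Two accounts with the same password get the same `fast_hash` value, while `password_hash` gives each a different stored string, and `cost_ratio()` shows how much more work each verification (and therefore each guess against a leaked hash) costs.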