Giter Site home page Giter Site logo

Comments (2)

Maikuolan avatar Maikuolan commented on May 2, 2024 2

Hi SakuraLove,

I just noticed your issue was closed without any responses. Sorry to see that there weren't any responses at an earlier time (I'd assumed that someone would've piped in).

I guess the issue is either resolved or not important now, seeing as the issue has been closed, but I'll try to answer anyhow.

It's difficult to say exactly whether using SHA1 for your API will be safe or unsafe, without knowing the exact context of its use, how it's being used and so on. Generally though, compared to other, newer hashing algorithms, SHA1 isn't considered safe anymore, due to that it has recently left the club of hashing algorithms without known collisions and entered the club of hashing algorithms with known collisions (so, officially unsafe, in that regard). It's possible that your own implementation won't run into any specific security problems, but seeing as it's now officially unsafe, I can't say with any certainty that any unknown implementation of it would be safe.

Also see:

from api-security-checklist.

Y2Nk4 avatar Y2Nk4 commented on May 2, 2024 2

Thank you anyway.I notice that nobody answered this issue so I closed it .
Yes,It has never been safe.I noticed that Google's team has cracked the SHA-1 Function some months ago.
I will also try to use the newer hasing and encrypt the trade info by AES.
And the API is using HTTPS to send information , too.
Our team is also discussing the security.And my project met a big problem now :(
However,thank you very much for answering me.Have a nice day.

from api-security-checklist.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.