200k+MD5 is a bit too much, but I agree that using HMAC (perhaps HMAC+SHA1) rather than plain MD5 would be good. HMAC is targeted at specifically this use case too.
« Back to merge proposal
200k+MD5 is a bit too much, but I agree that using HMAC (perhaps HMAC+SHA1) rather than plain MD5 would be good. HMAC is targeted at specifically this use case too.