top | item 24829369

(no title)

Well hashing is (usually) a symmetric function and we are open source... Meaning you could recover the key in the code (or intercept it during transfer). I think Private/Public key is a simpler approach, reusable elsewhere in the code and it's known to be safe. But I'm not the CTO either, I could be mistaken.

discuss

floren|5 years ago

Hashes aren't symmetric and don't use a key.

genuinebyte|5 years ago

Here, I found this really useful to understand hashes: https://crackstation.net/hashing-security.htm

Philippe_H|5 years ago

(but I think they already send it through HTTPS)