为什么双重哈希字符串(加密)是不好的? [重复]

This question already has an answer here:

i heard on another site that doing something like is a bad idea:

$string = "hello";
sha1(hash("sha512", $string));

... as far as i am concerned its a good, clever idea! why is it not? (i did not quite understand the explanation on the other site)

Thanks

</div>

There's nothing wrong with hashing multiple times. There are a number of cases where this is actually a good idea.

  1. You want to slow down brute force attacks.
  2. You have a databases full of hashed passwords that use a broken hashing scheme. Upgrading from MD5 to SHA1 for example.
  3. You're implementing a challenge/response scheme.

The example you pasted is bad because you're hashing a 512-bit hash with a 160-bit hash.