Note, this only checks Phobos's RNG's and digests, and only by type. This
works on a blacklist basis - it blindly accepts any Phobos-compatible RNG
or digest it does not know about. This is only supplied as a convenience. It
is always your own responsibility to select an appropriate algorithm for your
own needs.
And yes, unfortunately, this does currently rule out all RNG's and digests
currently in Phobos (as of v2.065). They are all known to be fairly weak
for password-hashing purposes, even SHA1 which despite being heavily used
has known security flaws.
For digests, you should use one of the SHA-2 algorithms (for example, SHA512)
or, better yet, an established "key stretching" algorithm
( http://en.wikipedia.org/wiki/Key_stretching#History ), intended
for password hashing. These contain deliberate inefficiencies that cannot be
optimized away even with massive parallelization (such as a GPU cluster). These
are NOT too inefficient to use for even high-traffic authentication, but they
do thwart the parallelized brute force attacks that algorithms used for
streaming data encryption, such as SHA, are increasingly susceptible to.
https://crackstation.net/hashing-security.htm
Note, this only checks Phobos's RNG's and digests, and only by type. This works on a blacklist basis - it blindly accepts any Phobos-compatible RNG or digest it does not know about. This is only supplied as a convenience. It is always your own responsibility to select an appropriate algorithm for your own needs.
And yes, unfortunately, this does currently rule out all RNG's and digests currently in Phobos (as of v2.065). They are all known to be fairly weak for password-hashing purposes, even SHA1 which despite being heavily used has known security flaws.
For random number generators, you should use a CPRNG (cryptographically secure pseudorandom number generator): http://en.wikipedia.org/wiki/Cryptographically_secure_pseudo-random_number_generator
For digests, you should use one of the SHA-2 algorithms (for example, SHA512) or, better yet, an established "key stretching" algorithm ( http://en.wikipedia.org/wiki/Key_stretching#History ), intended for password hashing. These contain deliberate inefficiencies that cannot be optimized away even with massive parallelization (such as a GPU cluster). These are NOT too inefficient to use for even high-traffic authentication, but they do thwart the parallelized brute force attacks that algorithms used for streaming data encryption, such as SHA, are increasingly susceptible to. https://crackstation.net/hashing-security.htm