Recommended hash algorithms #232

Open
tarcieri opened this issue Feb 9, 2021 · 3 comments

@tarcieri
Member

tarcieri commented Feb 9, 2021

Following up from RustCrypto/meta#10, this is an issue for discussing potentially adding "recommended" badges to certain algorithms in this repo:

Recommended: Yes

@tarcieri
Member Author

tarcieri commented Feb 9, 2021

Here are my votes for algorithms to recommend or not recommend:

Recommended

  • blake2
  • sha2
  • sha3

I would've added k12 to this list as it's a fine, modern hash function; however, our implementation of it is not great right now and I'm loath to add a recommended badge to it until it is.

Note that there are many other hash algorithms we support which are secure and have decent implementations, but they are obscure/niche and I'd suggest only adding the badge to preferred, modern algorithms people should be selecting for greenfield development today.

NOT Recommended

I think we should add this badge to the following algorithms which are known to be cryptographically broken:

  • md2
  • md4
  • md-5
  • sha-1

@newpavlov
Member

I wonder if we should recommend BLAKE3 over BLAKE2. Also, I am not sure if we should have both k12 and sha3 on the same recommendation list.

@tarcieri
Member Author

tarcieri commented Feb 9, 2021

Since "recommending" in this case would involve placing a badge on the corresponding crate's README.md, it's not really possible for us to do that as the blake3 crate is external to our org. However, we do already link to it from the top-level README.md, and could maybe update that mention to say it's a recommended algorithm.

Regarding k12, that's not really an issue unless we actively recommend it, which I wouldn't recommend doing until the implementation quality is improved.
