|
List Info
Thread: Re: more on NIST hash competition
|
|
| Re: more on NIST hash competition |
|
2007-01-25 02:30:02 |
|
=?UTF-8?B?SXZhbiBLcnN0acSH?= solarsail.hcs.harvard.edu> writes:
>Perry E. Metzger wrote:
>> http://www.csrc.nist.gov/pki/HashWorkshop/index.html
>
>I'm completely unfamiliar with the way NIST operates, but I've been wondering
>for years why they haven't organized this competition already. Do we have a
>list veteran who can shed some light on why it took them this long? My
>curiosity demands to know.
The AES competition was already a severe resource drain, running another one
for an AHS would have been prohibitive, until the clear signs that SHA was in
real trouble made it more palatable.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo metzdowd.com
|
| Re: more on NIST hash competition |
|
2007-01-26 09:54:11 |
|
| At 9:30 PM +1300 1/25/07, Peter Gutmann wrote:
>=?UTF-8?B?SXZhbiBLcnN0acSH?= solarsail.hcs.harvard.edu> writes:
>>Perry E. Metzger wrote:
>>> http://www.csrc.nist.gov/pki/HashWorkshop/index.html
>>
>>I'm completely unfamiliar with the way NIST operates, but I've been wondering
>>for years why they haven't organized this competition already. Do we have a
>>list veteran who can shed some light on why it took them this long? My
>>curiosity demands to know.
>
>The AES competition was already a severe resource drain, running another one
>for an AHS would have been prohibitive, until the clear signs that SHA was in
>real trouble made it more palatable.
This is an incorrect interpretation, I believe. The NIST folks at the
workshop said a few times that they were not worried about SHA-1
because they have already deprecated it beginning at the end of 2010.
That leaves only SHA-2, in which they said they had sufficient
confidence. Further, no one publicly expressed worry at the workshop
that SHA-2 would have any significant breaks in the near future.
The dates on the competition timeline shows that AHS (cute name,
Peter!) is not meant as a replacement for SHA-2, given that it won't
be selected until after SHA-1 needs to stop being used.
--Paul Hoffman, Director
--VPN Consortium
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomometzdowd.com
|
[1-2]
|
|
|
about | contact Other archives ( Real Estate discussion Medical topics )
|