[142574] in cryptography@c2.net mail archive
RE: MD5 considered harmful today, SHA-1 considered harmful tomorrow
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat Jan 17 09:55:05 2009
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: b.m.m.d.weger@TUE.nl, cryptography@metzdowd.com,
Victor.Duchovni@morganstanley.com
In-Reply-To: <7DF2365FF07C0E4E89419D65CCC93C9E01435C239495@EXCHANGE11.campus.tue.nl>
Date: Mon, 12 Jan 2009 16:05:08 +1300
"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> writes:
>> Bottom line, anyone fielding a SHA-2 cert today is not going=20
>> to be happy with their costly pile of bits.
>
>Will this situation have changed by the end of 2010 (that's next year, by the
>way), when everybody who takes NIST seriously will have to switch to SHA-2?
I have a general outline of a timeline for adoption of new crypto mechanisms
(e.g. OAEP, PSS, that sort of thing, and not specifically algorithms) in my
Crypto Gardening Guide and Planting Tips,
http://www.cs.auckland.ac.nz/~pgut001/pubs/crypto_guide.txt, see "Question J"
about 2/3 of the way down. It's not meant to be definitively accurate for all
cases but was created as a rough guideline for people proposing to introduce
new crypto mechanisms to give an idea of how long they should expect to wait
to see them adopted.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
