[145829] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Merkle Signature Scheme is the most secure signature scheme

daemon@ATHENA.MIT.EDU (mheyman@gmail.com)
Wed Sep 8 12:48:03 2010

In-Reply-To: <20100903142935.GB24304@randombit.net>
Date: Wed, 8 Sep 2010 12:29:28 -0400
From: "mheyman@gmail.com" <mheyman@gmail.com>
To: Cryptography List <cryptography@metzdowd.com>

On Fri, Sep 3, 2010 at 10:29 AM, Jack Lloyd <lloyd@randombit.net> wrote:
> On Fri, Sep 03, 2010 at 09:45:20AM +0100, Ben Laurie wrote:
>
> ...narrow-pipe designs have a huge null space for messages
> which are exactly as big as the compression function input
> size. For instance hashing inputs that are multiples of 512 bits,
> SHA-256 will only produce about 63% of the possible 2^256
> outputs.
>
So we deal with SHA-255.33 instead of SHA-256. Not a big enough
difference to worry about.
----
-Michael Heyman

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[145829] in cryptography@c2.net mail archive

Re: Merkle Signature Scheme is the most secure signature scheme

daemon@ATHENA.MIT.EDU (mheyman@gmail.com)Wed Sep 8 12:48:03 2010

daemon@ATHENA.MIT.EDU (mheyman@gmail.com)
Wed Sep 8 12:48:03 2010