[15981] in cryptography@c2.net mail archive
On hash breaks, was Re: First quantum crypto bank transfer
daemon@ATHENA.MIT.EDU (Joseph Ashwood)
Mon Aug 23 14:09:05 2004
X-Original-To: cryptography@metzdowd.com
From: "Joseph Ashwood" <ashwood@msn.com>
To: <cryptography@metzdowd.com>
Date: Sun, 22 Aug 2004 13:42:03 -0700
Since the rest has been covered quite well, I will instead focus on the
comparison of AES and SHA-0, RIPEM, MD5, etc.
----- Original Message -----
From: "Jerrold Leichter" <jerrold.leichter@smarts.com>
Subject: Re: First quantum crypto bank transfer
> Alternatively, how anyone can have absolute confidence in conventional
> crypto in a week when a surprise attack appears against a widely-fielded
> primitive like MD5 is beyond me. Is our certainty about AES's security
> really any better today than our certainty about RIPEM - or even SHA-0 -
> was three weeks ago?
> -- Jerry
Actually, for years the cryptography community has been saying "retire MD5,"
SHA-0 has been required to be replaced by SHA-1 for some time, and the RIPEM
series is, functionally speaking, unused and represented the only real
surprise. Except for RIPEM there were known to be reasons for this: MD5 was
known to be flawed, and SHA-0 was replaced because it was flawed (although
knowledge of the nature of the flaw was hidden). Even with RIPEM (and SHA-1
for the same reason) I have plans in place (and have had for some time) to
move away from 160-bit hashes to larger ones, so the attack on RIPEM had
little effect on me and my clients; even a full attack on SHA-1 would have
little effect on the clients that actually listen (they all have backup
plans that involve the rest of the SHA series and at the very least
Whirlpool).
So basically I encourage my clients to maintain good business practices,
which means that they don't need to have belief in the long-term security of
AES, or SHA-1, or RSA, or ... This is just good business, and it is a
process that evolved to deal with similar circumstances.
Joe
Trust Laboratories
Changing Software Development
http://www.trustlaboratories.com