[17109] in cryptography@c2.net mail archive
Re: Schneier: SHA-1 has been broken - Time for a second thought about SDLH ?
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sun Mar 20 23:23:50 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Ralf Senderek <ralf@senderek.com>
Cc: cryptography <cryptography@metzdowd.com>
In-Reply-To: Your message of "Mon, 14 Mar 2005 05:58:43 +0100."
<Pine.LNX.4.58.0503140541090.3094@safe.senderek.de>
Date: Sun, 20 Mar 2005 20:31:08 -0500
In message <Pine.LNX.4.58.0503140541090.3094@safe.senderek.de>, Ralf Senderek w
rites:
>
>And that is why I ask to give the Shamir Discrete Logarithm Hash Funktion a se
>cond
>thought. At leeast we have a proof of collision resistance under the assumptio
>n
>that factoring is infeasible for the modulus used.
>
>And that it more than we ever had regarding the MD4 series.
>
>BTW, choosing the next generation hash function should - as I think - not be
>dominated by terms of performance. (i.e done in the olde fashion)
>
"Dominated"? No, of course not. But a hash function based on discrete
log will be slow enough that no one will use it.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
