[18829] in cryptography@c2.net mail archive
Re: Symmetric ciphers as hash functions
daemon@ATHENA.MIT.EDU (Travis H.)
Thu Nov 3 09:21:17 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 3 Nov 2005 05:33:47 -0600
From: "Travis H." <solinym@gmail.com>
To: Greg Rose <ggr@qualcomm.com>
Cc: Arash Partow <arash@partow.net>, cryptography@metzdowd.com
In-Reply-To: <6.2.5.4.2.20051101083009.06148528@qualcomm.com>
> Not so... the SHA family are all unbalanced Feistel structures.
Sorry, I guess I am thinking of AES. I don't know where I got the
"doesn't need to be invertible" bit, I must be conflating it with
something else.
He should also take a look at OCB, CCM, and CBC-MAC modes.
Perhaps he intends to hide the hash inside the encryption, in which
case he might be better off doing authentication+encryption.
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
