[7358] in cryptography@c2.net mail archive
Re: Extracting Entropy?
daemon@ATHENA.MIT.EDU (Pete Chown)
Tue Jun 20 06:53:39 2000
Date: Tue, 20 Jun 2000 11:43:37 +0100
From: Pete Chown <Pete.Chown@skygate.co.uk>
To: coderpunks@toad.com, cryptography@c2.net
Message-ID: <20000620114337.E1870@hyena.skygate.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20000620034002.19574.qmail@nym.alias.net>; from mix@anon.lcs.mit.edu on Tue, Jun 20, 2000 at 03:40:02AM -0000

lcs Mixmaster Remailer wrote:
> Probably the best is to concatenate the output of multiple hashes. You
> could either use different ones like SHA and MD5, or you can get the
> effect of multiple hashes by just using SHA and putting a different
> constant prefix on the data for each instance. Use a '0' prefix,
> a '1' prefix, a '2' prefix and so on, until you have enough hash
> contexts to produce all the output you need.

Is this a secure way of increasing the number of bits returned by a
hash function?

I have always been puzzled by the patents on MDC-2 and MDC-4. They
are perfectly good schemes, I am sure, but they don't seem any better
than obvious alternatives. For example, if the answer to my question
is yes, you could use two Davies-Meyer arrangements with different
starting points. If you used an AES candidate for the block cipher,
you would get 256 bits of hash output, which would be plenty.
--
Pete
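
The prefixed-hash expansion described in the quoted text, as an added example that is not part of the original thread. It assumes SHA-1 for "SHA" and swaps the ASCII '0', '1', '2' prefixes for a fixed-width one-byte counter; the helper names and the 12-bit sample pool are constructed for illustration. It shows that the longer output still carries no more entropy than the input, and why a variable-width prefix weakens the separation between hash contexts.

```python
import hashlib


def expand(data: bytes, out_len: int, hash_name: str = "sha1") -> bytes:
    """Concatenate H(counter || data) for counter = 0, 1, 2, ... and
    truncate to out_len bytes. The counter is one fixed-width byte
    (an assumption of this example, not the thread's ASCII digits)."""
    digest_size = hashlib.new(hash_name).digest_size
    n_blocks = -(-out_len // digest_size)  # ceiling division
    if n_blocks > 256:
        raise ValueError("one-byte counter allows at most 256 hash contexts")
    blocks = (
        hashlib.new(hash_name, bytes([i]) + data).digest()
        for i in range(n_blocks)
    )
    return b"".join(blocks)[:out_len]


def distinct_outputs(inputs, out_len: int) -> int:
    """Number of different expanded outputs over a set of candidate inputs."""
    return len({expand(x, out_len) for x in inputs})


def ascii_prefix_block(data: bytes, index: int) -> bytes:
    """The literal form from the thread: decimal ASCII prefix, then data."""
    return hashlib.sha1(str(index).encode("ascii") + data).digest()


# Constructed sample: an "entropy pool" that really holds only 12 bits.
WEAK_INPUTS = [i.to_bytes(2, "big") for i in range(4096)]

if __name__ == "__main__":
    out = expand(WEAK_INPUTS[7], 64)
    print(f"{len(out) * 8} output bits from a 12-bit input")

    # 512 bits come out, but only 2**12 different outputs can ever occur:
    # expansion stretches the output, it does not add entropy.
    print("distinct 512-bit outputs:", distinct_outputs(WEAK_INPUTS, 64))

    # Variable-width prefixes are ambiguous once the index passes 9:
    # context 1 of b"0abc" and context 10 of b"abc" hash the same bytes.
    same = ascii_prefix_block(b"0abc", 1) == ascii_prefix_block(b"abc", 10)
    print("ASCII-prefix contexts overlap:", same)
```
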