[7503] in cryptography@c2.net mail archive
Re: New hash function definitions
daemon@ATHENA.MIT.EDU (John Kelsey)
Wed Jul 19 09:34:45 2000
Message-Id: <4.1.20000717204500.0094c100@email.plnet.net>
Message-Id: <4.1.20000717204500.0094c100@email.plnet.net>
Date: Mon, 17 Jul 2000 20:48:57 -0500
To: Jaap-Henk Hoepman <hoepman@cs.utwente.nl>
From: John Kelsey <kelsey@plnet.net>
Cc: cryptography@c2.net
In-Reply-To: <kpaefnjzw6.fsf@utip202.cs.utwente.nl>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
At 02:28 PM 7/12/00 +0200, Jaap-Henk Hoepman wrote:
...
>Generalising the non-length-extension property, I would expect a
>`good' hash function to make it hard to compute h(a || b || c) given
>h(b), for bitstrings a,b,c where either a or b may be empty.
In fact, I think the ideal criterion is that lacking any R bits of
the input to h(), you can't do substantially better than guessing 2^R
different possible outputs.
>Regards,
>Jaap-Henk
- --John Kelsey, Counterpane Internet Security, kelsey@counterpane.com
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 Int. for non-commercial use
<http://www.pgpinternational.com>
Comment: foo
iQCVAwUBOXO3hCZv+/Ry/LrBAQEBGQP/VNoXhCX/m5RcdUUNx8k6wJukbfbPXrSI
KjCuVE7GITXvvTXfGBCQvpMbN4FZzaggLWPdp84kX0zpnMNKInvTqsUr1XczAz/P
UXwfwAITRuORnp2chxVp+BUI0vviaoIrrKhbBzipf91HU1zPSPMLeRN3U0eS5fAk
iD0xhdUivDM=
=J89V
-----END PGP SIGNATURE-----
