[7910] in cryptography@c2.net mail archive
Re: AES as a hash function?
daemon@ATHENA.MIT.EDU (Paulo S. L. M. Barreto)
Tue Oct 3 11:41:19 2000
From: "Paulo S. L. M. Barreto" <paulo.barreto@terra.com.br>
To: Jim Gillogly <jim@acm.org>, Bram Cohen <bram@gawth.com>
Date: Mon, 2 Oct 2000 21:51:11 -0200
Content-Type: text/plain
Cc: cryptography@c2.net,
People who supposedly write code <coderpunks@toad.com>
In-Reply-To: <39D91B25.7DC8D868@acm.org>
MIME-Version: 1.0
Message-Id: <00100221523704.00392@anubis>
Content-Transfer-Encoding: 8bit
On Mon, 02 Oct 2000, Jim Gillogly wrote:
> Bram Cohen wrote:
> >
> > The announcement didn't mention Rijndael's applicability as a hash
> > function. I thing I remember mention in earlier AES documents that it
>
> This is covered in the materials submitted by the Rijndael team,
> in the Algorithm Specification at
> http://csrc.nist.gov/encryption/aes/round2/r2algs.htm
> in section 13.
>
> > UHASH is also strictly 128-bit, it would be nice for there to be 256-bit,
> > 384-bit, and 512-bit versions as well, to keep parity with the AES.
>
> I expect SHA variants of these lengths to be available before long
> from NSA via NIST.
The 256-bit version of SHA-2 is said to be ready for a few months. I don't know
about the other two sizes, but it is likely that they are (almost) ready as
well.
Paulo Barreto.
