[8220] in cryptography@c2.net mail archive
Re: migration paradigm (was: Is PGP broken?)
daemon@ATHENA.MIT.EDU (David Honig)
Tue Dec 5 19:42:11 2000
Message-Id: <3.0.6.32.20001205162332.007f2100@pop.sprynet.com>
Date: Tue, 05 Dec 2000 16:23:32 -0800
To: Bram Cohen <bram@gawth.com>,
William Allen Simpson <wsimpson@greendragon.com>
From: David Honig <honig@sprynet.com>
Cc: cryptography@c2.net
In-Reply-To: <Pine.LNX.4.21.0012042316390.17382-100000@ultra.gawth.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
At 11:19 PM 12/4/00 -0800, Bram Cohen wrote:
>On Mon, 4 Dec 2000, William Allen Simpson wrote:
>
>> We could use the excuse of AES implementation to foster a move to a
>> new common denominator.
>
>AES is silly without an equivalently good secure hash function, which we
>don't have right now.
>
Is there a reason not to use the AES block cipher in a hashing mode
if you need a secure digest of some data?
I can only imagine efficiency reasons, i.e., faster to use a dedicated hash
function than to use a full block cipher. Similarly with stream ciphers;
any block cipher can be a stream cipher and vice versa. If you were
doing hardware, you might want to avoid implementing extra algorithms.
dh
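[Editor's note, not part of the archived message.] The "hashing mode" the reply asks about is the classic way to get a hash out of a block cipher: a Davies-Meyer compression function, H_i = E_{m_i}(H_{i-1}) XOR H_{i-1}, iterated over the padded message with Merkle-Damgård strengthening. The example below is added here for illustration; it is not code from the list, from David Honig, or from any project. It assumes AES-128 (16-byte block and 16-byte key, so a message block can be used directly as the key), a fixed IV chosen arbitrarily for the example, and MD-style padding (0x80, zero fill, 64-bit big-endian bit length). Two caveats a practitioner should note: every block requires a fresh AES key schedule, which is exactly the efficiency cost the message anticipates; and the digest is a single 128-bit block, so collisions are expected after roughly 2^64 messages, which is why a single-block-length construction over a 128-bit cipher is not "equivalently good" to a wide dedicated hash without a double-block-length construction on top.

```go
package main

import (
	"crypto/aes"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// AES-128 is a convenient fit for a single-block-length hash: its block and
// its key are both 16 bytes, so a message block can serve directly as a key.
const blockSize = aes.BlockSize

// Chaining-value IV. Any fixed, public constant will do; this value is an
// assumption made for the example, not a standardised parameter.
var iv = [blockSize]byte{
	0x53, 0x6f, 0x6c, 0x69, 0x64, 0x20, 0x70, 0x61,
	0x72, 0x61, 0x64, 0x69, 0x67, 0x6d, 0x21, 0x00,
}

// pad applies Merkle-Damgard strengthening: a single 0x80 byte, zero fill, then
// the message length in bits as a 64-bit big-endian integer, bringing the total
// to a multiple of the block size. Without the length field, messages that
// differ only in trailing zero bytes would collide.
func pad(msg []byte) []byte {
	bitLen := uint64(len(msg)) * 8
	padded := append([]byte{}, msg...)
	padded = append(padded, 0x80)
	for len(padded)%blockSize != blockSize-8 {
		padded = append(padded, 0x00)
	}
	var lenField [8]byte
	binary.BigEndian.PutUint64(lenField[:], bitLen)
	return append(padded, lenField[:]...)
}

// DaviesMeyerAES computes the iterated Davies-Meyer hash
//
//	H_i = AES_{m_i}(H_{i-1}) XOR H_{i-1}
//
// over the 16-byte blocks of the padded message. The message block is the key,
// so every block costs a fresh AES key schedule: this is the efficiency penalty
// a dedicated hash function avoids. The digest is one block, 128 bits, so
// collisions are expected after about 2^64 inputs (the birthday bound).
func DaviesMeyerAES(msg []byte) [blockSize]byte {
	h := iv
	for padded := pad(msg); len(padded) > 0; padded = padded[blockSize:] {
		block, err := aes.NewCipher(padded[:blockSize])
		if err != nil {
			panic(err) // cannot happen: the key slice is exactly 16 bytes
		}
		var enc [blockSize]byte
		block.Encrypt(enc[:], h[:])
		for i := range h {
			h[i] ^= enc[i] // feed-forward of H_{i-1} makes the step one-way
		}
	}
	return h
}

// DigestHex returns the hash as a 32-character hex string.
func DigestHex(msg []byte) string {
	d := DaviesMeyerAES(msg)
	return hex.EncodeToString(d[:])
}

func main() {
	// Constructed sample inputs; "abc" and "abd" show the avalanche on a one-byte change.
	for _, m := range []string{"", "abc", "abd", "The quick brown fox jumps over the lazy dog"} {
		fmt.Printf("%-45q %s\n", m, DigestHex([]byte(m)))
	}
}
```

The feed-forward XOR is what turns an invertible permutation into a one-way step: without it, anyone holding the message block could decrypt H_i back to H_{i-1}. Swapping the roles (chaining value as key, message as plaintext) gives the Matyas-Meyer-Oseas variant, which has the same 128-bit output limit and the same per-block rekeying.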