The Pure Crypto Project's Hash Function
Ralf Senderek
ralf at senderek.de
Sat May 3 14:41:31 EDT 2003
On Sat, 3 May 2003, Adam Shostack wrote:
>
> Do you want good, fast, and cheap, too?
good: YES, preferably the best.
fast: MAYBE, if I'd sign my day's work I can wait the few seconds
PCP needs to sign my day's effords
cheap: NO, if I need cheep hashing I'd use PGP-2.6.3i or md5sum
> Small code is only useful for ease of review, and bug resistance.
> However, code reuse also accomplishes those same goals. There seems
> to be a lot of audit work done on openssl, use their sha
> implementation, or get NIST's. You get a solid hash function, and the
> important benefits of small code.
Small code? How many lines of C-code is sha-1 in openssl? Can you
explain every single one to me with respect to its security?
These questions shall only shed some light on the problem that most of the
crypto we are using every day is not really understandable for most
of us. And in this respect, I think, the Pure Crypto Hash is a
step forward.
And the original question was not why I am not willing to use sha1 but
if the Pure Crypto Hash is secure. I really would like to know the
list's assessment on this.
Comments and criticism always welcome.
Ralf.
*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*
* Ralf Senderek <ralf at senderek.de> http://senderek.de * What is privacy *
* Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without *
* PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED * Pure Crypto? *
*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list