The Pure Crypto Project's Hash Function
Eric Rescorla
ekr at rtfm.com
Sat May 3 16:21:14 EDT 2003
Ralf Senderek <ralf at senderek.de> writes:
> On Sat, 3 May 2003, Adam Shostack wrote:
> > Small code is only useful for ease of review, and bug resistance.
> > However, code reuse also accomplishes those same goals. There seems
> > to be a lot of audit work done on openssl, use their sha
> > implementation, or get NIST's. You get a solid hash function, and the
> > important benefits of small code.
>
> Small code? How many lines of C-code is sha-1 in openssl? Can you
> explain every single one to me with respect to its security?
Can you explain every single line of the modular exponentiation
routine you're using? Every single line of the compiler you're
using to compile the code?
> These questions shall only shed some light on the problem that most of the
> crypto we are using every day is not really understandable for most
> of us. And in this respect, I think, the Pure Crypto Hash is a
> step forward.
Why? The amount of math you would need to demonstrate the security
or insecurity of your hash algorithm is incredibly prohibitive,
and vastly larger than the amount of effort required to analyze the
C code in SHA-1.
-Ekr
--
[Eric Rescorla ekr at rtfm.com]
Web Log: http://www.rtfm.com/movabletype
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list