The Pure Crypto Project's Hash Function
Anton Stiglic
astiglic at okiok.com
Mon May 5 09:51:55 EDT 2003
----- Original Message -----
From: "Ralf Senderek" <ralf at senderek.de>
To: "tom st denis" <tomstdenis at yahoo.com>
Cc: <cryptography at metzdowd.com>
Sent: Sunday, May 04, 2003 2:57 AM
Subject: Re: The Pure Crypto Project's Hash Function
> On Sat, 3 May 2003, tom st denis wrote:
>
> > As to making their own hash I too would have to strongly disagree with
> > that. You really ought to either design a cipher/hash or design a
> > cryptosystem.
>
> If there was a hash based on ModExp() with a long tradition of
> scrutiny like RSA for twenty years I surely would have taken it.

There is MASH-1 and MASH-2, based on modulo arithmetic
(see for example the Handbook of Applied Cryptography,
section 9.4.3).
They are relatively recent proposals; I don't know if there has
been any recent successful cryptanalysis on them.
They are based on sqmodn, which was broken by Coppersmith.
It's not the kind of hash algorithm I would feel comfortable with
for cryptographic purposes, but it surely was more widely
cryptanalyzed than what you proposed.
--Anton