The Pure Crypto Project's Hash Function

Anton Stiglic astiglic at okiok.com
Mon May 5 09:51:55 EDT 2003


----- Original Message ----- 
From: "Ralf Senderek" <ralf at senderek.de>
To: "tom st denis" <tomstdenis at yahoo.com>
Cc: <cryptography at metzdowd.com>
Sent: Sunday, May 04, 2003 2:57 AM
Subject: Re: The Pure Crypto Project's Hash Function


> On Sat, 3 May 2003, tom st denis wrote:
> 
> > As to making their own hash I too would have to strongly disagree with
> > that.  You really ought to either design a cipher/hash or design a
> > cryptosystem.
> 
> If there was a hash based on ModExp() with a long tradition of
> scrutiny like RSA for twenty years I surely would have taken it.

There is MASH-1 and MASH-2, based on modulo arithmetic
(see for example the Handbook of Applied Cryptography, 
section 9.4.3).
They are relatively recent proposals; I don't know if there has
been any recent successful cryptanalysis on them.
They are based on sqmodn, which was broken by Coppersmith.
It's not the kind of hash algorithm I would feel comfortable with
for cryptographic purposes, but it surely was more widely 
cryptanalyzed than what you proposed.

--Anton


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


