Modulo based hash functions [was: The Pure Crypto Project's Hash Function]
David Wagner
daw at mozart.cs.berkeley.edu
Fri May 16 16:12:27 EDT 2003
These number-theoretic hash functions are arguably a lousy choice
for general-purpose use. Sure, those hashes may be one-way and
collision-resistant, but these days, we expect more than just one-wayness
and collision-resistance: we often expect the hash to behave like a
"random function". Number-theoretic hashes usually don't satisfy
this property, and thus run the risk of creating bad interactions
between the number-theoretic hash and the number-theoretic public-key
encryption/signature scheme. For all these reasons, I prefer SHA1 for
general-purpose use over number-theoretic schemes.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list