On hash breaks, was Re: First quantum crypto bank transfer

Hal Finney hal at finney.org
Tue Aug 24 14:00:46 EDT 2004

Joe Ashwood writes:
> Except for RIPEM there were known to be reasons for this, MD5 was 
> known to be flawed, SHA-0 was replaced because it was flawed (although 
> knowledge of the nature of the flaw was hidden). Even with RIPEM (and SHA-1 
> for the same reason) I have plans in place (and have had for some time) the 
> move away from 160-bit hashes to larger ones, so the attack on RIPEM had 
> little effect on me and my clients...

A minor terminology correction: the hash is RIPEMD, the more recent (and
still unbroken) version being RIPEMD-160.  RIPEMD is the RIPE Message
Digest, where RIPE is the EU's RACE Integrity Primitives Evaluation
project, and I haven't been able to find out what RACE stands for.

RIPEM was an old implementation by Mark Riordan of the PEM (Privacy
Enhanced Email) standard which preceded S/MIME.

Hal Finney

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list