Propping up SHA-1 (or MD5)
Florian Weimer
fw at deneb.enyo.de
Wed Mar 23 11:35:50 EST 2005
* Ben Laurie:
> Musing on these points, I wondered about the construction:
>
> H'(x)=H(H(x) || H(H(x) || x))
>
> which doesn't allow an attacker any choice, doesn't change APIs
Unfortunately, it does, in a rather fundamental way: streamed
processing is no longer possible.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list