[Cryptography] Hashes into Ciphers (was Re: FIPS, NIST and ITAR questions)

Joachim Strömbergson Joachim at Strombergson.com
Thu Sep 5 05:44:10 EDT 2013

Stephan Neuhaus wrote:
> On 2013-09-04 16:37, Perry E. Metzger wrote:
>> Phil Karn described a construction for turning any hash function
>> into the core of a Feistel cipher in 1991. So far as I can tell,
>> such ciphers are actually quite secure, though impractically slow.
>> Pointers to his original sci.crypt posting would be appreciated, I 
>> wasn't able to find it with a quick search.
> I remember having reviewed a construction by Peter Gutmann, called a 
> Message Digest Cipher, at around that time, which also turned a hash 
> function into a cipher.  I do remember that at that time I thought
> it was quite secure, but I was just a little puppy then.  Schneier
> reviews this construction in Applied Cryptography and can't find
> fault with it, but doesn't like it on principle ("using the hash
> function for something for which it is not intended").

Isn't this whole discussion basically the gist of DJB vs USA?


And today we have Salsa20 as a PRNG/stream cipher in eSTREAM.

The Salsa family of functions, including ChaCha, are compression functions
in counter mode to generate a keystream.
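
Added example (not part of the original message, and not Salsa20 or ChaCha themselves): an illustration of the counter-mode idea in the last paragraph, with SHA-256 standing in for the Salsa20 core. The 32-byte key, 8-byte nonce and 64-bit counter input layout, the function names and the sample values are assumptions made for this illustration.

```python
import hashlib
import struct

BLOCK = 32  # SHA-256 digest size in bytes; one keystream block per counter value


def keystream_block(key: bytes, nonce: bytes, counter: int) -> bytes:
    """Keystream block = H(key || nonce || 64-bit little-endian counter)."""
    if len(key) != 32 or len(nonce) != 8:
        raise ValueError("key must be 32 bytes and nonce 8 bytes")
    return hashlib.sha256(key + nonce + struct.pack("<Q", counter)).digest()


def xor_stream(key: bytes, nonce: bytes, data: bytes, offset: int = 0) -> bytes:
    """Encrypt or decrypt `data` located at byte `offset` of the stream.

    The hash is never inverted: both directions only run it forwards and XOR.
    """
    out = bytearray()
    block = b""
    for i, byte in enumerate(data):
        pos = offset + i
        if i == 0 or pos % BLOCK == 0:
            block = keystream_block(key, nonce, pos // BLOCK)
        out.append(byte ^ block[pos % BLOCK])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Constructed sample values, for illustration only.
KEY = bytes(range(32))
NONCE = b"\x00" * 7 + b"\x01"
MSG = b"hash functions make workable keystream generators"


def demo():
    ct = xor_stream(KEY, NONCE, MSG)
    roundtrip = xor_stream(KEY, NONCE, ct)
    # Random access: decrypt from byte 40 without producing block 0.
    tail = xor_stream(KEY, NONCE, ct[40:], offset=40)
    # Reusing a (key, nonce) pair cancels the keystream:
    # ct1 XOR ct2 == pt1 XOR pt2, so the nonce must be unique per message.
    other = b"X" * len(MSG)
    reuse_leaks = xor_bytes(ct, xor_stream(KEY, NONCE, other)) == xor_bytes(MSG, other)
    return ct, roundtrip, tail, reuse_leaks


if __name__ == "__main__":
    print(demo())
```

The construction provides confidentiality only; it has no integrity protection, so a deployed design would pair it with a MAC.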

