[Cryptography] Creating a Parallelizeable Cryptographic Hash Function
waywardgeek at gmail.com
Tue Oct 7 07:02:56 EDT 2014
On Mon, Oct 6, 2014 at 11:53 PM, Ben Laurie <benl at google.com> wrote:
> On 6 October 2014 23:23, Bill Cox <waywardgeek at gmail.com> wrote:
> > On Sat, Oct 4, 2014 at 1:21 PM, Ben Laurie <benl at google.com> wrote:
> >> However, this is not a good way to go about designing crypto primitives.
> > I disagree with this point. This thread is an excellent way for people to
> > *avoid* mistakes like this hash function. People should be *encouraged* to
> > post their latest dumb idea about hashing here, so it can be reviewed
> > harming anyone.
> Sure thing, but that's not what I meant. What I meant was that
> starting with a dumb idea, then incrementally fixing things people
> point out is not likely to lead to something good.
Actually, this is one of my favorite processes for producing good ideas.
Continuing with this process, what's wrong with:
Digest = H(1 || B1) * H(2 || B2) * ... * H(n || Bn) mod p
I think I've shown this is secure based on the difficulty of the discrete
log problem. If true, isn't this exactly what you say is unlikely to
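The construction proposed in the message above, as an added example that is not part of the original post: each block is hashed with its index and the results are multiplied mod p, so chunks can be processed independently and combined in any order. It goes one step beyond the post by also showing a single-block update through a modular inverse. The choice of SHA-256 for H, the modulus 2**255 - 19, the 8-byte index encoding and all function names are assumptions made for illustration.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor
from functools import reduce

# Assumption: illustrative modulus only. 2**255 - 19 is prime, but far too small
# for discrete-log security in Z_p*; the post does not specify p or H.
P = 2**255 - 19

def mul_all(values) -> int:
    """Multiply values mod P, reducing at every step."""
    return reduce(lambda acc, v: acc * v % P, values, 1)

def block_hash(index: int, block: bytes) -> int:
    """H(index || block) as a nonzero element of Z_p (H = SHA-256, an assumption).
    The fixed 8-byte index keeps the index/block boundary unambiguous."""
    h = hashlib.sha256(index.to_bytes(8, "big") + block).digest()
    return 1 + int.from_bytes(h, "big") % (P - 1)

def partial(blocks, start=1) -> int:
    """Product of H(i || B_i) over a contiguous run of blocks starting at index start."""
    return mul_all(block_hash(start + k, b) for k, b in enumerate(blocks))

def digest(blocks) -> int:
    """Sequential evaluation of the digest over the whole message."""
    return partial(blocks, 1)

def parallel_digest(blocks, workers=4) -> int:
    """Hash chunks independently, then multiply the partial products mod p."""
    size = max(1, -(-len(blocks) // workers))  # ceiling division
    chunks = [(blocks[i:i + size], i + 1) for i in range(0, len(blocks), size)]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return mul_all(pool.map(lambda c: partial(*c), chunks))

def replace_block(d: int, index: int, old: bytes, new: bytes) -> int:
    """Update a digest after one block changes, without rehashing the others."""
    return d * pow(block_hash(index, old), -1, P) * block_hash(index, new) % P

if __name__ == "__main__":
    msg = [b"block-%d" % i for i in range(1, 10)]  # constructed sample input
    print(hex(digest(msg)), digest(msg) == parallel_digest(msg))
```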