[Cryptography] Creating a Parallelizeable Cryptographic Hash Function

Zooko Wilcox-OHearn zooko at leastauthority.com
Tue Oct 7 11:21:09 EDT 2014

On Tue, Oct 7, 2014 at 10:52 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> Tom's idea being discussed here is a constant time updateable hash function
> of very many records/messages/blocks, which Blake2 does not do.

BLAKE2 (and Skein, and Keccak, etc.) do logarithmic-time updates using
tree hashing, which is efficient enough for all uses that I have
looked at, and which can be secure in the traditional senses of
collision-resistance, etc.

I agree that a constant-time variant would be potentially interesting,
and I'm not saying (as someone else on this thread was thought to have
said) that we shouldn't discuss such a thing. What I'm saying is that
Cleversafe, as a commercial concern working on actual products, should
not be planning to use such a novel construction when BLAKE2 (et al.)
would work fine.


Zooko Wilcox-O'Hearn

Founder, CEO, and Customer Support Rep
Freedom matters.

More information about the cryptography mailing list