Re: A basic question about hashing
From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: Tue, 07 Sep 2004 02:34:29 GMT
> so, Tom, if you were picking hashes that you would expect to last the
> longest against cryptanalysis advances and that have undergone serious
> analysis already, what would you pick?
Depends on the length of the hash required. For simplicity I'd simply
recommend WHIRLPOOL as a good choice.
> what exactly do DMWT and WHIRLPOOL entail, and are they reviewed very
> well yet?
WHIRLPOOL is essentially AES with a 64-byte block. It runs decently
fast on 64-bit processors.
DMWT is my design [based on my FPHT research]. of the two I would
recommend WHIRLPOOL solely because it has had more cryptanalysis.
If you need serious speed a good compromise is Tiger/192. It's a UFN as
well but the mixing function is less "simple" [uses 8x64 sboxes...]. It
also produces a 192-bit output. So in applications that use SHA-1 it's
a good replacement. If you need longer hashes just use WHIRLPOOL and
truncated it to the desired length.