Re: strength of multiple hash functions
- From: "Joseph Ashwood" <ashwood@xxxxxxx>
- Date: Thu, 25 Jan 2007 09:39:01 GMT
"Kristian Gjøsteen" <kristiag+news@xxxxxxxxxxxx> wrote in message
news:ep9ql7$1rs$1@xxxxxxxxxxxxxxxxxxxxx
Amit <amitabh123@xxxxxxxxx> wrote:
It is easy to prove (in the random oracle model) that the security
offered by H(.) is the same as that provided by SHA1.
In my opinion, a ROM proof offers no interesting insights in this case.
I think it does, ROM sets an upper bound for this, so it cannot be more
secure than SHA1.
So based on this we have:
1) It is no more secure than SHA1
2) It may be less secure than SHA1
3) It is slower than SHA1
So we have that it is worse than SHA1 in some metrics, and no better than
SHA1 in any metric. That's actually a fairly useful result.
Joe
.
- Follow-Ups:
- Re: strength of multiple hash functions
- From: Stefan Lucks
- Re: strength of multiple hash functions
- References:
- Re: strength of multiple hash functions
- From: Amit
- Re: strength of multiple hash functions
- From: Kristian Gjøsteen
- Re: strength of multiple hash functions
- Prev by Date: Re: Draft FIPS 186-3, digital signatures
- Next by Date: Re: Authentication of a messages using a counter and a MAC
- Previous by thread: Re: strength of multiple hash functions
- Next by thread: Re: strength of multiple hash functions
- Index(es):
Relevant Pages
|
|
