Re: New hash contest by NIST, similar to AES competition



Paul Rubin wrote:
"Alan" <alan@xxxxxxxxxx> writes:
Symmetric block ciphers can be used in various ways to produce a
message digest:

http://en.wikipedia.org/wiki/Hash_functions_based_on_block_ciphers

Is there a drawback to that approach (other than wanting more diversity
in the toolbox)?

I thought there was a theorem that there is no generically secure way
to turn a block cipher (PRP) into a hash function. The methods I see
in that Wikipedia article (I didn't examine all of them) involve using
the (possibly known) input data as keys for the block cipher, and
generic block ciphers are not assumed secure when used that way.

Davies-Meyer does, but the others don't.

--Mike Amling
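The two constructions at issue above, as an added example that is not code from the thread: Davies-Meyer feeds the message block into AES-128's key input (the "input data as keys" case Paul describes), while Matyas-Meyer-Oseas keys the cipher with the chaining value and uses the message block only as plaintext; both are iterated Merkle-Damgård style. The all-zero IV and the padding layout are constructed choices for this example, not part of any standard.

```go
package main

import (
	"crypto/aes"
	"encoding/binary"
)

// xor16 returns a XOR b for two 16-byte blocks.
func xor16(a, b []byte) []byte {
	out := make([]byte, aes.BlockSize)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}
// encryptBlock computes E_key(in) with AES-128 for a single 16-byte block.
func encryptBlock(key, in []byte) []byte {
	c, err := aes.NewCipher(key) // a 16-byte key selects AES-128
	if err != nil {
		panic(err)
	}
	out := make([]byte, aes.BlockSize)
	c.Encrypt(out, in)
	return out
}

// daviesMeyer: H_i = E_{m_i}(H_{i-1}) XOR H_{i-1}. The message block is the KEY.
func daviesMeyer(h, m []byte) []byte { return xor16(encryptBlock(m, h), h) }
// matyasMeyerOseas: H_i = E_{H_{i-1}}(m_i) XOR m_i. The chaining value is the key.
func matyasMeyerOseas(h, m []byte) []byte { return xor16(encryptBlock(h, m), m) }
// pad: Merkle-Damgard strengthening (0x80, zeros, then 8-byte big-endian bit length).
func pad(msg []byte) []byte {
	p := append(append([]byte{}, msg...), 0x80)
	for len(p)%aes.BlockSize != aes.BlockSize-8 {
		p = append(p, 0)
	}
	var n [8]byte
	binary.BigEndian.PutUint64(n[:], uint64(len(msg))*8)
	return append(p, n[:]...)
}

// hash iterates compress over the padded message from an all-zero IV (a constructed choice).
func hash(compress func(h, m []byte) []byte, msg []byte) []byte {
	h := make([]byte, aes.BlockSize)
	for p := pad(msg); len(p) > 0; p = p[aes.BlockSize:] {
		h = compress(h, p[:aes.BlockSize])
	}
	return h
}
```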