Re: New hash contest by NIST, similair to AES competition
- From: Paul Rubin <http://phr.cx@xxxxxxxxxxxxxx>
- Date: 26 Jan 2007 09:41:34 -0800
Mike Amling <spamonly@xxxxxxxxxxx> writes:
the (possibly known) input data as keys for the block cipher, andDavies-Meyer does, but the others don't.
generic block ciphers are not assumed secure when used that way.
It looks like they all do, though I should have said the block cipher
keys are derived from the input data. The input data is in general
not used directly. Is there a security proof for Miyaguchi-Preneel?
My guess is there can't be one without stronger assumptions on the
block cipher than that it's a PRP.
Anyway, these constructions seem to me to be going in the wrong
direction, since hash functions should be faster than block ciphers
rather than slower.
.
- Follow-Ups:
- References:
- New hash contest by NIST, similair to AES competition
- From: ~David~
- Re: New hash contest by NIST, similair to AES competition
- From: Alan
- Re: New hash contest by NIST, similair to AES competition
- From: Paul Rubin
- Re: New hash contest by NIST, similair to AES competition
- From: Mike Amling
- New hash contest by NIST, similair to AES competition
- Prev by Date: Re: New hash contest by NIST, similair to AES competition
- Next by Date: Re: New hash contest by NIST, similair to AES competition
- Previous by thread: Re: New hash contest by NIST, similair to AES competition
- Next by thread: Re: New hash contest by NIST, similair to AES competition
- Index(es):
Relevant Pages
|
|
