Re: how to phase in new hash algorithms?

Joseph Ashwood
Mon, 21 Mar 2005 10:52:50 -0800

----- Original Message ----- From: "Steven M. Bellovin" <[EMAIL PROTECTED]> Subject: how to phase in new hash algorithms?

We all understand the need to move to better hash algorithms than SHA1.
At a minimum, people should be switching to SHA256/384/512; arguably,
Whirlpool is the right way to go.  The problem is how to get there from
here.

...

So -- what should we as a community be doing now?  There's no emergency
on SHA1, but we do need to start, and soon.

Phase 1 is to change the hash function choice from implicit to explicit. Specifically instead of having hash = "457253W4568MM48AWA2346", move to hash = "SHA-1:lq23rbp8yaw4tilutqtipyu.".

Then over time ratchet down the default.

There is also an easy argument that it may be beneficial to skip SHA-256 entirely. The argument put succinctly is: 64-bit computing is arriving on 64-bit systems SHA-512 is nearly twice as fast as SHA-256 (crypto++ benchmarks). SHA-512 is at least as strong, and faster. Joe


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to