Ignoring performance for now what is the consensus on the suitabilty of
using AES-GMAC not as MAC but as a hash ?
Would it be safe ?
The "key" input to AES-GMAC would be something well known to the data
and/or software.
The only reason I'm asking is assuming it can be made to perform on some
classes of machine better than or close to SHA256 if it would be worth
considering as an available alternate now until SHA-3 is choosen.
--
Darren J Moffat
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com