Jerry Leichter wrote: >Currently we have SHA-128 and SHA-256, >but exactly why one should choose one >or >the other has never been clear - SHA-256 is >somewhat more expensive, but >I can't >think of any examples where SHA-128 >would be practical but SHA-256 >would not. >In practice, when CPU is thought to be an >issue (rightly or >wrongly), people have >gone with RC4 - standards be damned.
SHA-224/256 (there is no SHA-128) use 32-bit words, SHA-384/512 uses 64-bit words. That difference is indeed a very big deal in embedded device applications. SHA-3 uses only 64-bit words, which will likely preclude it being used in most embedded devices for the foreseeable future. -David Mercer David Mercer Portland, OR _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography