Re: [cryptography] NIST and other organisations that set up standards in information security cryptography. (was: Doubts over necessity of SHA-3 cryptography standard)

2012-04-22 Thread Marsh Ray
On 04/22/2012 12:37 PM, Steven Bellovin wrote: The question is not whether there should be a hash function significantly faster than SHA-3, it's whether or not anyone knows how to do it. NIST wanted to stick with that goal, but there weren't enough (possibly weren't any; I'm not sure)

Re: [cryptography] NIST and other organisations that set up standards in information security cryptography.

2012-04-22 Thread Marsh Ray
On 04/22/2012 02:55 PM, Jeffrey Walton wrote: This might sound crazy, but I would rather have a NIST approved hash that runs orders of magnitude slower to resist offline, brute forcing attacks. Well, that's what we have KDFs with a tunable work factor like PBKDF2 for. They're generally

Re: [cryptography] NIST and other organisations that set up standards in information security cryptography.

2012-04-22 Thread Jeffrey Walton
On Sun, Apr 22, 2012 at 4:54 AM, Marsh Ray ma...@extendedsubset.com wrote: On 04/22/2012 02:55 PM, Jeffrey Walton wrote: This might sound crazy, but I would rather have a NIST approved hash that runs orders of magnitude slower to resist offline, brute forcing attacks. Well, that's what we

Re: [cryptography] NIST and other organisations that set up standards in information security cryptography.

2012-04-22 Thread Marsh Ray
On 04/22/2012 05:07 PM, Jeffrey Walton wrote: Aren't programs generally written to be fast and take advantage of things like locality of reference? I'd like to see a design that completely violates the design principle. Iterations in a KDF would then be icing on the cake. STRONGER KEY DERIVATION

Re: [cryptography] NIST and other organisations that set up standards in information security cryptography.

2012-04-22 Thread Peter Maxwell
On Sun, Apr 22, 2012 at 4:54 AM, Marsh Ray ma...@extendedsubset.com wrote: On 04/22/2012 02:55 PM, Jeffrey Walton wrote: This might sound crazy, but I would rather have a NIST approved hash that runs orders of magnitude slower to resist offline, brute forcing attacks. Well,