R. A. Hettinga wrote:
> Luckily, there are alternatives. The National Institute of Standards and
> Technology already has standards for longer - and harder to break - hash
> functions: SHA-224, SHA-256, SHA-384, and SHA-512. They're already
> government standards, and can already be used. This is a good stopgap, but
> I'd like to see more.

I haven't seen any discussion on constructions based on "universal hashing", like the UHASH underlying UMAC[1]. Can any cryptographers comment on this? UMAC seems like a particularly nice MAC, because it is supposedly provably-secure (to the extent that AES is) and benefits from hardware speedups to AES.

-d

[1] http://www.cs.ucdavis.edu/~rogaway/umac/

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
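
Added example, not part of the original message and not UMAC's own code: a minimal Wegman-Carter MAC of the kind the post refers to, a keyed universal hash whose output is masked by a per-message pad. Assumptions: a simple polynomial hash over GF(2^61 - 1) stands in for UHASH, HMAC-SHA256 stands in for the AES-based pad, and all names and sample messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets

P = (1 << 61) - 1  # Mersenne prime; the hash works in the field GF(P)

def poly_hash(k: int, msg: bytes) -> int:
    """Polynomial-evaluation universal hash, keyed by a secret k in [1, P)."""
    # Coefficients: the byte length, then the message in 7-byte blocks (< 2^56 < P).
    coeffs = [len(msg)] + [int.from_bytes(msg[i:i + 7], "big")
                           for i in range(0, len(msg), 7)]
    acc = 0
    for c in coeffs:  # Horner's rule
        acc = (acc + c) * k % P
    return acc

def pad(prf_key: bytes, nonce: bytes) -> int:
    """Per-nonce pad (assumption: HMAC-SHA256 stands in for UMAC's AES)."""
    digest = hmac.new(prf_key, nonce, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % P

def mac(k: int, prf_key: bytes, nonce: bytes, msg: bytes) -> bytes:
    """Wegman-Carter tag: universal hash of the message, masked by the pad."""
    return ((poly_hash(k, msg) + pad(prf_key, nonce)) % P).to_bytes(8, "big")

def verify(k: int, prf_key: bytes, nonce: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(k, prf_key, nonce, msg), tag)

def reused_nonce_leak(tag_a: bytes, tag_b: bytes) -> int:
    """With a repeated nonce the pads cancel, exposing h(a) - h(b) mod P."""
    return (int.from_bytes(tag_a, "big") - int.from_bytes(tag_b, "big")) % P

def demo() -> dict:
    k = secrets.randbelow(P - 1) + 1          # secret hash key
    prf_key = secrets.token_bytes(32)         # secret pad key
    m1, m2 = b"transfer 100 to alice", b"transfer 900 to alice"  # constructed
    t1 = mac(k, prf_key, b"nonce-0001", m1)
    t2 = mac(k, prf_key, b"nonce-0001", m2)   # nonce reuse: the failure mode
    return {
        "valid": verify(k, prf_key, b"nonce-0001", m1, t1),
        "forged": verify(k, prf_key, b"nonce-0001", m2, t1),
        "leak_matches": reused_nonce_leak(t1, t2)
                        == (poly_hash(k, m1) - poly_hash(k, m2)) % P,
    }

if __name__ == "__main__":
    print(demo())
```

The collision bound only holds while `k` stays secret and each nonce is used once, which is why this is a MAC construction rather than an unkeyed hash like the SHA family.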
