On Mar 4, 2005, at 5:23 PM, James A. Donald wrote:
The attacks on MD*/SHA* are weak and esoteric.
On this we respectfuly disagree.
You make it sound trivial. Wang has been working on these results for over 10 years. She received the largest applause at Crypto 2004 session from her peers I have ever seen.
It is not so fundamentally broken as to justify starting over.
on this I agree.
My recommendation for anyone that listens to (nobody) me is to abandon the MD series and SHA algorithms below SHA-256 for everything including certificates, pgp and even HMAC. But these are my inclinations. I would rather migrate to stronger crypto than have to continually justify why I continue to use algorithms that have known weaknesses.
$0.02
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
QVYtFQAELN4YlZ9xB60CvXTqW8QT8rOABMbJrPXE
4hz2qo1jnDwc3tmFFeyh6lG9sOrXL1783FYSh2s+v
What software do you use for this? Is it ECC or RSA?
Thanks
jim
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
