----- Original Message -----
From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
Subject: how to phase in new hash algorithms?



We all understand the need to move to better hash algorithms than SHA1.
At a minimum, people should be switching to SHA256/384/512; arguably,
Whirlpool is the right way to go.  The problem is how to get there from
here.
...
So -- what should we as a community be doing now?  There's no emergency
on SHA1, but we do need to start, and soon.

Phase 1 is to change the hash function choice from implicit to explicit. Specifically, instead of having hash = "457253W4568MM48AWA2346", move to hash = "SHA-1:lq23rbp8yaw4tilutqtipyu.".


Then over time ratchet down the default.

There is also an easy argument that it may be beneficial to skip SHA-256 entirely. The argument put succinctly is:
- 64-bit computing is arriving.
- On 64-bit systems SHA-512 is nearly twice as fast as SHA-256 (Crypto++ benchmarks).
- SHA-512 is at least as strong, and faster.
Joe



--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
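
The migration described in the reply above (explicit algorithm tags first, then a ratcheted default), as an added example that is not part of the original message. The `HashPolicy` class, the hex digest encoding, and the rule that an untagged value means SHA-1 are assumptions of this sketch; only the "SHA-1:" tag form comes from the message.

```python
import hashlib
import hmac

# Tag -> hashlib name. The tag spelling follows the message's "SHA-1:" example;
# hex digest encoding is an assumption of this sketch.
ALGORITHMS = {"SHA-1": "sha1", "SHA-256": "sha256", "SHA-512": "sha512"}
LEGACY_IMPLICIT = "SHA-1"   # what an untagged value meant before phase 1


class HashPolicy:
    """Which algorithm new hashes use, and which tags are still accepted."""

    def __init__(self, default, accepted):
        if default not in accepted or not set(accepted) <= set(ALGORITHMS):
            raise ValueError("default must be accepted; tags must be known")
        self.default = default
        self.accepted = frozenset(accepted)

    def tag(self, data: bytes) -> str:
        """Produce an explicit 'ALG:hexdigest' value with the current default."""
        name = ALGORITHMS[self.default]
        return f"{self.default}:{hashlib.new(name, data).hexdigest()}"

    def verify(self, data: bytes, stored: str) -> bool:
        """Check data against a stored value; untagged values are legacy."""
        alg, sep, digest = stored.partition(":")
        if not sep:                      # no tag: implicit, pre-phase-1 value
            alg, digest = LEGACY_IMPLICIT, stored
        if alg not in self.accepted:     # unknown or retired algorithm
            return False
        expected = hashlib.new(ALGORITHMS[alg], data).hexdigest()
        return hmac.compare_digest(expected.encode(), digest.lower().encode())


# Constructed sample input and the three policy stages of the migration.
MESSAGE = b"constructed sample input"
legacy_value = hashlib.sha1(MESSAGE).hexdigest()        # old untagged form
phase1 = HashPolicy("SHA-1", {"SHA-1", "SHA-512"})      # explicit, old default
phase2 = HashPolicy("SHA-512", {"SHA-1", "SHA-512"})    # default ratcheted
phase3 = HashPolicy("SHA-512", {"SHA-512"})             # SHA-1 retired
```

Verification rejects any tag outside the accepted set, so retiring SHA-1 in the last stage also stops old untagged values from being honoured.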