On Sun, Apr 22, 2012 at 1:37 PM, Steven Bellovin <[email protected]> wrote: > > On Apr 22, 2012, at 2:00 11AM, David Adamson wrote: > >> 5. It is not just my opinion that NIST made a mistake by not staying >> on the initial goal SHA-3 to be SIGNIFICANTLY more efficient than >> SHA-2. However, I think that actually that mistake will be used by >> some of the organizations that I have mentioned in order to raise >> their international reputation and some of them will push for a hash >> standard that industry will prefer more than SHA-2 and SHA-3. > > The question is not whether there should be a hash function significantly > faster than SHA-3, it's whether or not anyone knows how to do it. NIST > wanted to stick with that goal, but there weren't enough (possibly > weren't any; I'm not sure) submissions that were also secure enough. > This might sound crazy, but I would rather have a NIST approved hash that runs orders of magnitude slower to resist offline, brute forcing attacks.
Jeff _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
