On 4/23/12, Steven Bellovin <[email protected]> wrote:
>
> On Apr 23, 2012, at 12:51 14PM, David Adamson wrote:
>
>>
>> Unfortunately, also I do not see any more improvements of the
>> implementations of other SHA-3 candidates that did not enter 2-nd and
>> final round (especially CubeHash, Shabal, BMW, Edon-R, Echo and SIMD).
>>
> And the MD6 team withdrew their submission because they couldn't make
> it fast enough and still have enough security.
>

Ahhh, I think it was a mistake to withdraw MD6. But Ron and his team
had dignity and set up higher mathematical standards than NIST (the
hash function to be provably secure against the differential
cryptanalysis).
If you void the mathematically set up security margin of MD6 and
reduce the number of rounds from 168 down to 64, (with similar
artistic, cryptographer's experience and "trust me" arguments present
in other finalists) you will have a hash function that is faster than
SHA-2 and is definitively faster than 2 or 3 of the SHA-3 finalists (I
never understood why NIST picked up those 2 or 3 slower than SHA-2
candidates as finalists).

Regards,
David Adamson Jr
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to