On 4/23/12, Steven Bellovin <[email protected]> wrote: > > On Apr 23, 2012, at 12:51 14PM, David Adamson wrote: > >> >> Unfortunately, also I do not see any more improvements of the >> implementations of other SHA-3 candidates that did not enter 2-nd and >> final round (especially CubeHash, Shabal, BMW, Edon-R, Echo and SIMD). >> > And the MD6 team withdrew their submission because they couldn't make > it fast enough and still have enough security. >
Ahhh, I think it was a mistake to withdraw MD6. But Ron and his team had dignity and set up higher mathematical standards than NIST (the hash function to be provably secure against the differential cryptanalysis). If you void the mathematically set up security margin of MD6 and reduce the number of rounds from 168 down to 64, (with similar artistic, cryptographer's experience and "trust me" arguments present in other finalists) you will have a hash function that is faster than SHA-2 and is definitively faster than 2 or 3 of the SHA-3 finalists (I never understood why NIST picked up those 2 or 3 slower than SHA-2 candidates as finalists). Regards, David Adamson Jr _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
