On Feb 8, 2009, at 14:57 PM, Wei Dai wrote: > I should also look into doing an assembly implementation of > SHA-256. I thought SHA-512 would be more popular, but it seems that > many people are using SHA-256 instead because they don't want to be > too slow on 32-bit only platforms.
That would be great! We use SHA-256 heavily in the tahoe project [1], and I would love to upgrade to an assembly version written by you. If you're curious why Tahoe didn't choose SHA-512, we do want tahoe to perform well on 32-bit only platforms, and also we need to have the smallest hash-output size that we can, because hash-output values get inserted into URLs. I would have gone for Tiger instead of SHA-256, but my partners and I were a bit leary of deviating from the mainstream in choice of hash function. Later, I was interested to see that Sean O'Neill's Algebraic Structure Defectoscopy [2] rated Tiger as more secure than SHA-256! Regards, Zooko [1] http://allmydata.org [2] http://defectoscopy.com/results.html --- Tahoe, the Least-Authority Filesystem -- http://allmydata.org store your data: $10/month -- http://allmydata.com/?tracking=zsig --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
