I don't understand exactly what Sean O'Neill's comparison methodology is, but I'm sure that SHA-256 is more secure than Tiger. I think the most important way to compare is to look at how many rounds has been broken out of the total number of rounds. Tiger's 19 or 22 out of 24 rounds have been broken. For SHA-256 it's 24 out of 64 rounds. It seems clear that SHA-256 offers a much bigger margin of security.
-------------------------------------------------- From: "zooko" <[email protected]> Sent: Monday, February 09, 2009 10:17 AM To: "Wei Dai" <[email protected]> Cc: "Jeffrey Walton" <[email protected]>; "Crypto++" <[email protected]> Subject: Re: Crypto++ 6.0? > > On Feb 8, 2009, at 14:57 PM, Wei Dai wrote: > >> I should also look into doing an assembly implementation of >> SHA-256. I thought SHA-512 would be more popular, but it seems that >> many people are using SHA-256 instead because they don't want to be >> too slow on 32-bit only platforms. > > That would be great! We use SHA-256 heavily in the tahoe project > [1], and I would love to upgrade to an assembly version written by you. > > If you're curious why Tahoe didn't choose SHA-512, we do want tahoe > to perform well on 32-bit only platforms, and also we need to have > the smallest hash-output size that we can, because hash-output values > get inserted into URLs. > > I would have gone for Tiger instead of SHA-256, but my partners and I > were a bit leary of deviating from the mainstream in choice of hash > function. Later, I was interested to see that Sean O'Neill's > Algebraic Structure Defectoscopy [2] rated Tiger as more secure than > SHA-256! > > Regards, > > Zooko > > [1] http://allmydata.org > [2] http://defectoscopy.com/results.html > --- > Tahoe, the Least-Authority Filesystem -- http://allmydata.org > store your data: $10/month -- http://allmydata.com/?tracking=zsig > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
