On Feb 9, 2009, at 15:01 PM, Wei Dai wrote: > I don't understand exactly what Sean O'Neill's comparison > methodology is, but I'm sure that SHA-256 is more secure than > Tiger. I think the most important way to compare is to look at how > many rounds has been broken out of the total number of rounds. > Tiger's 19 or 22 out of 24 rounds have been broken. For SHA-256 > it's 24 out of 64 rounds. It seems clear that SHA-256 offers a much > bigger margin of security.
I agree that this is an excellent metric of security. I'm also interested in Sean O'Neill's metric, but I understand that one less well. ;-) 24 rounds of SHA-256 would probably take about 8 cpb, where 20 out of 24 rounds of Tiger would probably take about 6 cpb. Hm. Regards, Zooko --- Tahoe, the Least-Authority Filesystem -- http://allmydata.org store your data: $10/month -- http://allmydata.com/?tracking=zsig --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
