Dmitry Baryshkov <[email protected]> writes: > Add documentation describing Streebog hash function and it's API.
Is there any consensus on the cryptographic strength and general quality of streebog? I wonder if it really should go in the section "Recommended hash functions" with SHA2 and SHA3, or in the "Legacy hash functions" section. The wikipedia page (https://en.wikipedia.org/wiki/Streebog#Cryptanalysis) says In 2015 Birykov, Perrin and Udovenko reverse engineered the unpublished S-box generation structure (which was earlier claimed to be generated randomly) and concluded that the underlying components are cryptographically weak. referring to https://eprint.iacr.org/2016/071. And https://en.wikipedia.org/wiki/Hash_function_security_summary lists a "theoretical" preimage attack on the full hash function, referencing https://eprint.iacr.org/2014/675. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. _______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
