[Subject line altered, as it's not really relevant to the case under
discussion.]
Nicolas Williams wrote:
> Collision stats could also be a useful way to build confidence in a hash
> function ("look! 0 collisions for SHA-3 candidate X on a 1PB pool with
> random and real data!"). Of course, a SHA-3 candidate must build
> confidence by surviving known cryptanalysis techniques + any new ones
> that cryptographers throw at it, and no collisions in 1PB hardly
> constitutes proof, but N>0 collisions in 1PB would be likely be
> worrisome and indicative that additional analysis is needed.
It would be more than worrisome; I think it would utterly disqualify the
SHA-3 candidate in question.
Scott
--
Scott Rotondo
Principal Engineer, Solaris Security Technologies
President, Trusted Computing Group
Phone/FAX: +1 408 850 3655 (Internal x68278)
