an attack related to random numbers generator. I am not sure
I have any fresh insider information on the topic :)
The problem is that SHA256 and greater are became required
in other standards (XML Encryption, for example). And quick
search showed that there is no solid open source implementation yet.
Aleksey Sanin.
Lutz Jaenicke wrote:
[EMAIL PROTECTED]">On Wed, Apr 10, 2002 at 11:08:24PM -0700, Aleksey Sanin wrote:Just wonder why OpenSSL has no SHA256/512 support
("grep -i sha `find . -name "*"` | grep 256" in
openssl-0.9.7-stable-SNAP-20020319
returns only bunch of *_AES_256_SHA references)?
Does there exist any reason or simply nobody had time
(or interest) to do it?
What is the current state?
I checked out the NIST pages and found a draft and comments.
One of the comments included a proposed change to the algorithm.
Is the algorithm now really fix? I don't think it would be a good idea
to include it before it is clear that it will stay unchanged.
(0.9.7 is in feature freeze, so it won't be added before 0.9.8).
Best regards,
Lutz
