On Mon, Apr 28, 2008 at 03:03:30PM -0700, Jim McCoy wrote: > [Perhaps I am just misunderstanding your construction, but MD4(x) || > SHA-256(x) is only as strong as MD4, not stronger than SHA-256 alone...]
Wouldn't that imply a very easy way to break SHA-256? I think if you defined strong as you used it in the above sentence it might help me understand your argument; the only definitions I can think of that might fit are psuedo-randomness (or resistence to partial collision / preimage). I believe Joux's multicollision attack only shows that you can break MD4(x)||SHA-256(x) about as easily as SHA-256 alone. Regards, Jack _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
