I wrote the following nonsense: > As discussed at > http://crypto.stackexchange.com/questions/8634/how-scrypt-uses-salsa > it appears that the statement made here > http://tools.ietf.org/html/draft-josefsson-scrypt-kdf-01#page-3 > that >> Salsa20/8 Core is not a cryptographic hash function since it is not >> collision-resistant. > is (at least) causing confusion, and (I believe) is wrong, for the Salsa20/8 > Core > is intended to be collision-resistant, and is, AFAIK.
The quoted statement is correct, thanks to Simon Josefsson for pointing that indeed the Salsa20/8 Core is not collision-resistant. Sorry for the noise. Francois
