Re: how to phase in new hash algorithms?

2005-03-21 Thread Joseph Ashwood
- Original Message - From: Steven M. Bellovin [EMAIL PROTECTED] Subject: how to phase in new hash algorithms? We all understand the need to move to better hash algorithms than SHA1. At a minimum, people should be switching to SHA256/384/512; arguably, Whirlpool is the right way to go.

Re: Do You Need a Digital ID?

2005-03-21 Thread Jerrold Leichter
| if a re-issued a new token/card (to replace a lost/stolen token/card) is | identical to the lost/stolen token/card ... then it is likely that there is no | something you have authentication involved (even tho a token/card is | involved in the process) ... and therefor the infrastructure is just

Re: how to phase in new hash algorithms?

2005-03-21 Thread Bart Preneel
As ex-NESSIE project manager: NESSIE was an EU-funded research project with funding for 40 months (2000-2003). The NESSIE guys still exist as individual organizations but the NESSIE project is no longer in existence. There is a follow-up, but with somewhat different goals, called ECRYPT

Re: how to phase in new hash algorithms?

2005-03-21 Thread Christopher Wolf
Hi, Ian G wrote: Steven M. Bellovin wrote: So -- what should we as a community be doing now? There's no emergency on SHA1, but we do need to start, and soon. The wider question is how to get moving on new hash algorithms. That's a bit tricky. Normally we'd look to see NIST or the NESSIE guys

Propping up SHA-1 (or MD5)

2005-03-21 Thread Ben Laurie
It was suggested at the SAAG meeting at the Minneapolis IETF that a way to deal with weakness in hash functions was to create a new hash function from the old like so: H'(x)=Random || H(Random || x) However, this allows an attacker to play with Random (the advice I've seen is that if one is