On 7/20/06, Florian Weimer [EMAIL PROTECTED] wrote:
Is this about Colin Percival's work?
The paper was by Dan Bernstein; Percival's comments are specific to
hyperthreading, but I think djb's research showed that it's applicable
to non-HT architectures as well.
--
Follow where reason leads --
.
Sent: Friday, July 21, 2006 9:09 AM
To: Florian Weimer
Cc: Hal Finney; [EMAIL PROTECTED]; cryptography@metzdowd.com
Subject: Re: NIST hash function design competition
On 7/20/06, Florian Weimer [EMAIL PROTECTED] wrote:
Is this about Colin Percival's work?
The paper was by Dan Bernstein
* Travis H.:
On 7/11/06, Hal Finney [EMAIL PROTECTED] wrote:
: So what went wrong? Answer: NIST failed to recognize that table lookups
: do not take constant time. “Table lookup: not vulnerable to timing
: attacks,” NIST stated in [19, Section 3.6.2]. NIST's statement was,
: and is,
On 7/11/06, Hal Finney [EMAIL PROTECTED] wrote:
: So what went wrong? Answer: NIST failed to recognize that table lookups
: do not take constant time. “Table lookup: not vulnerable to timing
: attacks,” NIST stated in [19, Section 3.6.2]. NIST's statement was,
: and is, incorrect.
That's
Hal Finney wrote:
I had not heard that there had been an official
decision to hold a new competition for hash functions
similar to AES. That is very exciting! The AES
process was one of the most interesting events to have
occurred in the last few years in our field.
Seemed like one of the
James Donald writes:
My understanding is that no actual vulnerabilities have
been found in Rijndael. What has been found are reasons
to suspect that vulnerabilities will be found.
Yes, I think that's correct on the theoretical side. I was also thinking
of some of the implementation issues