Re: AES-GMAC as a hash

2009-09-04 Thread Hal Finney
Darren J Moffat darren.mof...@sun.com asks: Ignoring performance for now what is the consensus on the suitabilty of using AES-GMAC not as MAC but as a hash ? Would it be safe ? The key input to AES-GMAC would be something well known to the data and/or software. No, I don't think this

Re: AES-GMAC as a hash

2009-09-04 Thread Darren J Moffat
Hal Finney wrote: Darren J Moffat darren.mof...@sun.com asks: Ignoring performance for now what is the consensus on the suitabilty of using AES-GMAC not as MAC but as a hash ? Would it be safe ? The key input to AES-GMAC would be something well known to the data and/or software. No, I

Re: AES-GMAC as a hash

2009-09-04 Thread Matt Ball
On Thu, Aug 27, 2009 at 8:45 AM, Darren J Moffat wrote: Ignoring performance for now what is the consensus on the suitabilty of using AES-GMAC not as MAC but as a hash ? Would it be safe ? The key input to AES-GMAC would be something well known to the data and/or software. The only