On 12/13/16 at 3:59 PM, [email protected] (Andrew Ayer) wrote:
On Tue, 13 Dec 2016 14:32:04 +0000
Eran Messeri <[email protected]> wrote:
* For Hash Algorithm repository, specify "Expert Review" guiding the
Expert to make sure the proposed hash algorithm has public
specification and does not suffer from known preimage attacks.
The hash algorithm also needs collision resistance.
How precise does the guidance need to be? "Not suffer from known
preimage attacks" wouldn't be construed as forbidding SHA-2 because
there are some very expensive preimage attacks on some rounds, would it?
Arguably, "suitable for use as a cryptographic hash function" covers
both preimage and collision resistance, and leaves it to the expert's
discretion what attacks are worth worrying about. Would leaving it at
this provide sufficient guidance?
It might be better to specifically mention the characteristics
known to be needed along with some general guidance which leans
on the reviewer's expertise. Perhaps:
"Suitable for use as a cryptographic hash with no known preimage
or collision attacks. These attacks can damage the integrity of
the log."
Cheers - Bill
------------------------------------------------------------------------
Bill Frantz |"Insofar as the propositions of mathematics
refer to
408-356-8506 | reality, they are not certain; and insofar
they are
www.pwpconsult.com | certain, they do not refer to reality.”
-- Einstein
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
