New Hash Function workshop thoughts

Discussion in 'Computer Security' started by ShadowEyez, Nov 4, 2005.

  1. ShadowEyez

    ShadowEyez Guest

    As many of you may know, there was a workshop recently held in
    Washington about hash functions; they said it would encompass assessing
    SHA-1, 256, 512, and assessing where we are, and seeing if we need to
    pick a new "SHA" because SHA-1 has a potential weakness which may mean
    it could be compromised. I posted the following to Bruce Schneier's
    blog about my thoughts:

    I'm not a cryptographer but from what I have read, I think that with
    whatever the new algorithm for "SHA2" is, in the speed vs. security
    (which is _roughly_ length of digest) the emphasis should be mostly on

    People have shown remarkable skill at optimizing algorithms for speed
    (look at all the various AES optimizations) and note that both the
    strength of attacks goes up but the speed of hardware goes up as well.
    If we choose an algorithm optimized for security, that has no
    mathematical or algorithmic weakness (a big IF I know), we know that
    hardware speeds and programming optimizations will make speed less of an
    issue over time, while at the same time we can rest easy knowing that it
    will probably not be brute-forced or birthday-attacked in our lifetimes.

    Agree? Disagree?

    One other thing to add: I think NSA should publish results of its
    analysis on SHA-256 and SHA-512 on how strong they are. Also, if they
    have at least two super-secret non-public hashes, they should publish
    the specs and an working source-code implementation of one of them (and
    keep one of them classified) as a way to stimulate public research and a
    possible "stop-gap" in case SHA-256 is not all that strong. Remember -
    their research is funded with our tax dollars!

    ShadowEyez, Nov 4, 2005
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ben Low

    "paged" CAM table hash

    Ben Low, Oct 5, 2004, in forum: Cisco
    Ben Low
    Oct 5, 2004
  2. Nicolas W.

    PIX: PSK, sniffer and hash

    Nicolas W., Oct 5, 2005, in forum: Cisco
    Nicolas W.
    Oct 5, 2005
  3. AM

    CCO Hash.

    AM, Jan 4, 2006, in forum: Cisco
    Tomas Knott
    Jan 8, 2006
  4. Harry

    Hash mash

    Harry, Aug 8, 2004, in forum: Computer Support
    Morgan Pugh
    Aug 8, 2004
  5. Linda Pan

    Re: Reverse Hash Function

    Linda Pan, Dec 17, 2004, in forum: Computer Security
    Linda Pan
    Dec 30, 2004

Share This Page