Re: Moving away from MD5

To: debian-devel@lists.debian.org
Subject: Re: Moving away from MD5
From: Thomas Koenig <ig25@mvmap66.ciw.uni-karlsruhe.de>
Date: Tue, 24 Jun 1997 10:16:08 +0200 (MET DST)
Message-id: <[🔎] 199706240816.KAA13839@mvmap66.ciw.uni-karlsruhe.de>
Reply-to: Thomas.Koenig@ciw.uni-karlsruhe.de (Thomas König)
In-reply-to: <[🔎] 33AF0810.7E784711@micron.net> from Galen Hazelwood at "Jun 23, 97 05:34:40 pm"

Galen Hazelwood wrote:

>Forced to choose, I would say SHA-1.  The design parameters aren't
>_that_ secret; there's an excellent discussion and comparison in
>Schneier's "Applied Cryptography" 2nd Ed.  (You don't have a copy? 
>Shame on you!)

Of course I have a copy (shame on you for suggesting that I don't :-),
but Schneier didn't know about the weaknesses in MD5 when he wrote that
book.

>I'll look at RIPEMD-160 as you suggested, but am skeptical for now.

When you do that, please keep in mind that Hans Dobbertin (the guy who
cryptanalyzed MD4 and MD5) is one of the authors of RIPEMD-160, and that
SHA-1 came out before that method of attack became public knowledge.
-- 
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet.
The joy of engineering is to find a straight line on a double
logarithmic diagram.


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Re: Moving away from MD5
  - From: Galen Hazelwood <galenh@micron.net>

Prev by Date: Re: Experiences with compiling Debian
Next by Date: Re: svgalib-dummy again
Previous by thread: Re: Moving away from MD5
Next by thread: problems with SHA-1
Index(es):
- Date
- Thread