[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [office] Passwords
On Tue, 2006-28-11 at 11:11 +0000, Daniel Carrera wrote: > Yes, that would be good. We can say that SHA1, SHA256, SHA512 and > RIPMEND-160 are all ok (list taken from xmlenc), but all implementations > must support at least SHA256 but preferably all. I know this is moving further away from Florian's list, but I think we should also include WHIRLPOOL. There are good reasons for this: 1) SHA and RIPMEND are based on the same design principles, the same as MD4/MD5, and hashes from this family are continuously being broken (MD4, MD5, SHA-0, SHA-1 and the original RIPMEND). Some worry that there is a fundamental design problem (see Bruce Schneier) and we need a completely different algorithm. WHIRLPOOL is the only popular hash I know of that is of a different design. 2) WHIRLPOOL is an ISO standard (ISO/IEC 10118-3), is un-patented, is believed to be secure, and it has been recommended by the NESSIE project. NESSIE = New European Schemes for Signatures, Integrity and Encryption http://en.wikipedia.org/wiki/NESSIE I notice that NESSIE did _not_ recommend SHA-1 at all, but only the later variants. In fact, why don't we use the NESSIE list instead of xmlenc? NESSIE's list is WHIRLPOOL, SHA-256, SHA-384 and SHA-512. I would feel more comfortable using this list than the other one. And we could say that applications must support at least WHIRLPOOL and SHA-256. What do you think? Cheers, Daniel. -- "I AM in shape. Round IS a shape."
This is a digitally signed message part
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]