OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [office] Passwords

On Tue, 2006-28-11 at 11:11 +0000, Daniel Carrera wrote:
> Yes, that would be good. We can say that SHA1, SHA256, SHA512 and
> RIPMEND-160 are all ok (list taken from xmlenc), but all implementations
> must support at least SHA256 but preferably all.

I know this is moving further away from Florian's list, but I think we
should also include WHIRLPOOL. There are good reasons for this:

1) SHA and RIPMEND are based on the same design principles, the same as
MD4/MD5, and hashes from this family are continuously being broken (MD4,
MD5, SHA-0, SHA-1 and the original RIPMEND). Some worry that there is a
fundamental design problem (see Bruce Schneier) and we need a completely
different algorithm.

WHIRLPOOL is the only popular hash I know of that is of a different

2) WHIRLPOOL is an ISO standard (ISO/IEC 10118-3), is un-patented, is
believed to be secure, and it has been recommended by the NESSIE

NESSIE = New European Schemes for Signatures, Integrity and Encryption


I notice that NESSIE did _not_ recommend SHA-1 at all, but only the
later variants.

In fact, why don't we use the NESSIE list instead of xmlenc? NESSIE's
list is WHIRLPOOL, SHA-256, SHA-384 and SHA-512.

I would feel more comfortable using this list than the other one. And we
could say that applications must support at least WHIRLPOOL and SHA-256.

What do you think?

"I AM in shape. Round IS a shape."

This is a digitally signed message part

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]