[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MD5 vs. SHA-1, Selection Criteria
>SHA-1 is a product of our friends at the NSA. Although I'm not always
>a fan of their export policies, they do appear to usually release
>algorithms of the highest possible quality.
Assuming, of course, that they are properly motivated to do so. They
certainly know as well as we do that a well designed hash function can
serve as the primitive of a strong cipher. I suspect they knew this
well before they read it in Applied Cryptography and in Dan
Bernstein's famous "snuffle" papers.
So given NSA's well-documented reluctance to distribute strong ciphers
without a back door, I am highly skeptical that they really made SHA-1
as strong as it could be.
Or maybe I'm just paranoid. But it's a point worth considering.
Phil
References: