[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHA-256-128 Draft: Is this really required? Contradiction...

To: ipsec@lists.tislabs.com
Subject: Re: SHA-256-128 Draft: Is this really required? Contradiction...
From: Uri Blumenthal <uri@bell-labs.com>
Date: Thu, 18 Jul 2002 02:57:24 -0400
In-Reply-To: <002001c22e1b$d0877c50$3568e640@ca.alcatel.com>
Organization: Lucent Technologies / Bell Labs
Original-To: <ipsec@lists.tislabs.com>
References: <002001c22e1b$d0877c50$3568e640@ca.alcatel.com>
Reply-To: uri@bell-labs.com
Sender: owner-ipsec@lists.tislabs.com

On Thursday 18 July 2002 01:27, Andrew Krywaniuk wrote:
> .............................
> that there is no need for SHA-2. (Unless it is to match the security
> strength of large DH groups in key derivation...............

But how so?  How is it any stronger...?

The size of the output of a hash function  doesn't ensure larger
quantity of randomness!

SHA-256 has he same 512-bit input buffer.  Correlation between
its output bits (and whether it exists or not) is unknown.

> which............is more a limitation of the key
> derivation algorithm than of the hash).

Yes!
-- 
Regards,
Uri-David
-=-=-<>-=-=-
<Disclaimer>

References:
- RE: SHA-256-128 Draft: Is this really required? Contradiction...
  - From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>

Prev by Date: Re: [saag] No need for SHA-2 Packet Authentication - Open Letter to the WG a nd Area Directors
Next by Date: Re: [saag] No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors
Prev by thread: RE: SHA-256-128 Draft: Is this really required? Contradiction...
Next by thread: Re: SHA-256-128 Draft: Is this really required? Contradiction...
Index(es):
- Date
- Thread