On Mon, 23 Mar 1998, Jim Gillogly wrote:
Hal Finney writes:
I can't find an OID assignment for HAVAL. Peter Gutmann has a long list
of known security related OIDs in his dumpasn1.cfg file, but it does not
list HAVAL. You might direct email to the author and ask if he knows
of an OID assignment. I suspect we would need a family of OIDs, one for
each length/passes combination.
I wrote to the author -- he's interested but unfamiliar with the OID
process. Is it the case that one of us can simply define and declare
a set of HAVAL variants that meets our needs?
The problem is that Hash Algorithm 4 is "HAVAL", but it has to mean a
specific variant. I am setting it for 5 pass/160 bit. 128 bit might also
be good, or even 256 bit (for non-DSA). But I would rather new has
algorithm *numbers* be assigned, e.g. HAVAL-5/160, HAVAL-3/128, etc.
tzeruch asks:
And is there an implementation without copyright or patent problems?
Yes, Paulo Barreto has written a public domain implementation of HAVAL.
It's at http://ds.dial.pipex.com/george.barwood/crypto.htm
and is apparently correct, since the author, Yuliang Zheng, acknowledges
that Barreto found and reported an error in the reference
implementation.
I tried it, but I am having some problems getting it to pass its
self-test. I also wrote the author - his page,
http://pscit-www.fcit.monash.edu.au/~yuliang/src/
gives liberal copyright terms.
--- reply to tzeruch - at - ceddec - dot - com ---