On Mon, Nov 10, 2003 at 09:40:52AM -0800, vedaal(_at_)hush(_dot_)com wrote:
Shamir's Discrete Logarithm Hash was recently implemented by Ralf Senderek
in a new small crypto program, PCP (Pure Crypto Project)
(hash description is here:)
http://senderek.de/SDLH/
it has been around for a while, was proven to be collision resistant,
but hasn't really been implemented before, possibly because of the length
of time required to sign directly with the rsa key
now, with faster processors,
this may be an appropriate hash for e-mail-length messages,
and, as there are plans for the wider SHA hashes to be introduced,
maybe it would be worthwhile considering a hash will remain secure as
long as the keysize is considered secure
Back when NASA was gearing up for the Apollo moon missions, they had a
saying that the rocket wasn't launched until the stack of paperwork to
validate, document, analyze, attack, correct, and prove as much as
possible the correctness of the mission was as tall as the rocket
itself.
I don't feel qualified to argue for or against the SDLH in terms of
its security. I do, however, argue that any new algorithm needs more
than one web page describing it before it should be included in
OpenPGP. There just aren't enough "inches of paperwork" yet.
There was a very interesting thread about the SDLH and the Pure Crypto
project on the cryptography mailing list a few months ago.
http://www.mit.edu:8008/bloom-picayune/crypto/13163
David