Re: [openpgp] SHA3 algorithm ids.

On 8/08/2015 23:48 pm, ianG wrote:

http://www.metzdowd.com/pipermail/cryptography/2015-August/026238.html

From: Krisztián Pintér <pinterkr(_at_)gmail(_dot_)com>

...

so to save the day, they added the SHAKE instances as a workaround.
they are pretty much what SHA3 should have been. if you don't
understand how a sponge works, you are very much free to use the SHA3
instances. but if you want to do actual cryptography, you should
choose the SHAKE's.

Which I think can be interpreted as suggestion to use SHAKE256, insteadof the SHA3-xxx.

A potential advantage of that is that the algorithm expands, so we don'tneed to specify truncation any more.


Just call it with a range of set params for 'd':

keyId:         32
fingerprint:   100, 150
hash:          256.

(by way of example) Is there any known advantage of the smaller lengthsbeing subsets of the larger?


iang

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [openpgp] SHA3 algorithm ids., (continued) Re: [openpgp] SHA3 algorithm ids., Peter Gutmann Re: [openpgp] SHA3 algorithm ids., Robert J. Hansen Re: [openpgp] SHA3 algorithm ids., Werner Koch Re: [openpgp] SHA3 algorithm ids., ianG Re: [openpgp] SHA3 algorithm ids., ianG Re: [openpgp] SHA3 algorithm ids., Christoph Anton Mitterer Re: [openpgp] SHA3 algorithm ids., Phillip Hallam-Baker Re: [openpgp] SHA3 algorithm ids., ianG Re: [openpgp] SHA3 algorithm ids., Peter Gutmann Re: [openpgp] SHA3 algorithm ids., Christoph Anton Mitterer Re: [openpgp] SHA3 algorithm ids., ianG <=