On Fri, 13 Sep 1996, Ned Freed wrote:
It is worse than Schneier says -- there are newer results now. See the current
issue of RSA's CryptoBytes publication, Volume 2 Number 2, Summer 1996, for
details. Online copies are available in
http://www.rsa.com/rsalabs/cryptobytes/.
Hmm...looks bad.
The bottom line is that new application should no longer specify MD5 as a MIC.
And MD2 has been obsolete for some time. Use either SHA-1 or RIPEMD-160.
(I prefer the former.)
Ned
Okay, will do. Does anyone have a reference for the RIPE-MD algorithm?
The library I'm using doesn't have it and Applied Cryptography dedicates
6.5 lines to it with no algorithm. SHA I have.
Okay, so the various MDs are going to be included only for compatibility
with old software. But, I still need to support them. This is probably
opening a pandora's box, but which should I use by default, SHA or
RIPE-MD? Is one better than the other, does one or the other have nasty
patents or weird export controls?
-Dave
drig(_at_)magicweb(_dot_)com
I got a coffee mug from Cray Research when they moved out. Now I can
drink my coffee while doing 63 other, unrelated tasks.