On Tue, 16 Aug 2005, Frank Ellermann wrote:
william(at)elan.net wrote:
SMTP with TLS with self-signed certificate will do fine and
much better than CRAM-MD5
Point. OTOH this is not more KISS (in other words I never
tried hard to understand it, let alone implement it in REXX)
<ot>
It's been 10 years since I did anything with REXX (that's how it's been
since I converted my Maximus based BBS into unix Tycho based BBS and
after setting up rexx interpreter for unix got amazed that some extra
features/doors I wrote still worked...)
(...me wonders how many are on this list who understood what I wrote...)
</ot>
<http://purl.net/xyzzy/src/md5.cmd> (REXX MD5 stuff)
How about sha256.cmd?
AFAIK SHA-1 is not really better than MD5, it's only longer.
In cryptography world longer generally means better. Consider
public keys for example, i.e. 1024bit vs 384bit keys
And SHA-256 is again longer. I watch the "hash WG"
It's a BoF and it may not become a WG. I'm actually a bit frustrated that
nothing serious happened and that the majority just want to create a BCP on
"hash security" rather than actually work on fixing affected protocols.
hoping for better ideas. At the moment I often see discussions in
the rough direction of "let's take SHA-256 and truncate it".
Truncated SHA-256 is likely to provide the same level of security as
SHA1 since its result is 160bit (of course the problem is that SHA1 does
not provide level of security expected because of recent attacks on its
system), but it takes more resources to calculate because the pre-output
is 256bit. In my opinion better is either to directly use SHA256 output
(when hash data size is not an issue) or create new 160bit hash function
to replace SHA1 (possibly it can be just some changes to SHA1 with simple
filter for incoming output to make attacks on result difficult).
Why is that better than say "let's use MD5 for odd bytes,
again MD5 for the even bytes, and concatenate the hashes" ?
You break it apart and now have to create collision of part1 and part2.
Security is supposed to increase exponentially with adding of more bits
and here you have simple linear increase of needed computational
capabilities. So by adding two 128bit hashes together you do not
have the same level of security as 256bit hash, what you got is variant
of 129bit hash security but with much longer resulting data.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
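
The "collision of part1 and part2" argument above, as an added example that is not part of the original message: each half of the split construction is collided independently, so the total work is the sum of two small searches rather than one search over the doubled output. The 24-bit truncation of MD5 (`BITS`) and all function names are assumptions chosen so the search finishes in well under a second.

```python
import hashlib
from itertools import count

BITS = 24  # assumption: toy digest size standing in for MD5's 128 bits


def toy_hash(data: bytes) -> bytes:
    """MD5 truncated to BITS bits (toy stand-in for the full hash)."""
    return hashlib.md5(data).digest()[:BITS // 8]


def split_hash(msg: bytes) -> bytes:
    """Construction from the thread: hash the two byte-interleaved halves
    of the message separately and concatenate the two digests."""
    return toy_hash(msg[0::2]) + toy_hash(msg[1::2])


def birthday_collision(tag: bytes):
    """Return two distinct equal-length inputs with the same toy_hash,
    plus the number of hash calls the search needed."""
    seen = {}
    for i in count():
        m = tag + i.to_bytes(4, "big")
        h = toy_hash(m)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m


def interleave(a: bytes, b: bytes) -> bytes:
    """Place a's bytes at even offsets and b's bytes at odd offsets."""
    out = bytearray()
    for x, y in zip(a, b):
        out += bytes((x, y))
    return bytes(out)


def collide_split_hash():
    """Collide each half on its own, then combine the two collisions."""
    a1, a2, work_a = birthday_collision(b"A")  # collision for part 1
    b1, b2, work_b = birthday_collision(b"B")  # collision for part 2
    m1, m2 = interleave(a1, b1), interleave(a2, b2)
    return m1, m2, work_a + work_b


if __name__ == "__main__":
    m1, m2, work = collide_split_hash()
    print(m1.hex(), m2.hex(), split_hash(m1).hex(), work)
```

The combined digest is 48 bits long, for which a generic birthday search needs on the order of 2^24 hash calls; the split search needs roughly two searches of 2^12 each.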