[13169] in cryptography@c2.net mail archive
Re: The Pure Crypto Project's Hash Function
daemon@ATHENA.MIT.EDU (Adam Shostack)
Sat May 3 12:52:06 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sat, 3 May 2003 12:46:55 -0400
From: Adam Shostack <adam@homeport.org>
To: Ralf Senderek <ralf@senderek.de>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <Pine.LNX.4.31.0305031723060.2035-100000@safe.senderek.de>
On Sat, May 03, 2003 at 05:28:24PM +0200, Ralf Senderek wrote:
| On Sat, 3 May 2003, Rich Salz wrote:
| > Isn't it better to have clean implementations of known algorithms that
| > have been widely understood and studied by the cryptographic community?
|
| > Smallest lines of code doesn't imply "most secure."
| > /r$
|
| The goal is of course : "most secure" AND "most clear" AND "smallest code"
Do you want good, fast, and cheap, too?
I'd be much more comfortable with a standard hash function than one
designed in the hopes of reducing code size, for any project except
one where gate count matters.
Small code is only useful for ease of review, and bug resistance.
However, code reuse also accomplishes those same goals. There seems
to be a lot of audit work done on openssl, use their sha
implementation, or get NIST's. You get a solid hash function, and the
important benefits of small code.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
