[11244] in cryptography@c2.net mail archive


Re: building a true RNG

daemon@ATHENA.MIT.EDU (Jack Lloyd)
Mon Jul 29 16:30:54 2002

Date: Mon, 29 Jul 2002 16:24:36 -0400 (EDT)
From: Jack Lloyd <lloyd@acm.jhu.edu>
To: David Wagner <daw@cs.berkeley.edu>
Cc: <cryptography@wasabisystems.com>
In-Reply-To: <200207291943.g6TJhmJ11557@mozart.cs.berkeley.edu>

On Mon, 29 Jul 2002, David Wagner wrote:

> > DES, being extremely hardware friendly, can be (ab)used to
> > make a strong one-way hash.  (E.g., raw input into both key and data maps
> > 56+64 -> uniformly distributed 64 bits.)
>
> However, when used in this way, DES is not an especially good hash function.
> For instance, it is easy to find collisions, to find pre-images, and so on.

Somewhat related to that, are there any block cipher->hash function methods
that are actually secure? Every one I've ever read about seems to have been
broken.

Regards,
  Jack


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
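
Added example, not part of the original message or of either author's code: it shows why the quoted construction (raw input split into key and data) makes pre-images and collisions easy to find. A toy 64-bit Feistel cipher with a 56-bit key stands in for DES (an assumption, chosen so the block runs without a DES library); the argument uses only the fact that a block cipher can be decrypted under any chosen key, so it applies to DES as well. All function names are hypothetical.

```python
MASK32 = 0xFFFFFFFF
ROUNDS = 8

def _round_keys(key56):
    # Toy key schedule (assumption): mixes all 56 key bits into 32-bit round keys.
    return [((key56 >> 24) ^ (key56 * (2 * i + 3))) & MASK32 for i in range(ROUNDS)]

def _f(half, rk):
    # Toy round function; the Feistel structure is invertible whatever f is.
    x = ((half ^ rk) * 0x9E3779B1 + rk) & MASK32
    return x ^ (x >> 15)

def _feistel(block, round_keys):
    left, right = block >> 32, block & MASK32
    for rk in round_keys:
        left, right = right, left ^ _f(right, rk)
    return (right << 32) | left  # final swap makes decryption the same loop

def encrypt(key56, block64):
    return _feistel(block64, _round_keys(key56))

def decrypt(key56, block64):
    return _feistel(block64, list(reversed(_round_keys(key56))))

def naive_hash(key56, data64):
    # The quoted construction: 56 + 64 input bits -> 64 output bits.
    return encrypt(key56, data64)

def find_preimage(target64, key56=0):
    # Pre-image: choose ANY key, then decrypt the target digest under it.
    return key56, decrypt(key56, target64)

def find_collision(key_a, data_a, key_b):
    # Collision: hash one input, then invert the digest under a different key.
    return key_b, decrypt(key_b, naive_hash(key_a, data_a))

if __name__ == "__main__":
    digest = 0x0123456789ABCDEF            # constructed target value
    k, m = find_preimage(digest, key56=0x1234567)
    print(hex(naive_hash(k, m)) == hex(digest))
    k2, m2 = find_collision(1, 42, 2)      # constructed inputs
    print(naive_hash(1, 42) == naive_hash(k2, m2))
```

Each attack costs one decryption, because the attacker controls the key input directly; nothing about the cipher's strength as a cipher gets in the way.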
