[147340] in cryptography@c2.net mail archive
Re: [Cryptography] NIST about to weaken SHA3?
daemon@ATHENA.MIT.EDU (James A. Donald)
Mon Sep 30 10:07:12 2013
X-Original-To: cryptography@metzdowd.com
Date: Mon, 30 Sep 2013 17:45:52 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <20130930043450.GN29796@mournblade.imrryr.org>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-09-30 14:34, Viktor Dukhovni wrote:
> On Mon, Sep 30, 2013 at 05:12:06AM +0200, Christoph Anton Mitterer wrote:
>
>> Not sure whether this has been pointed out / discussed here already (but
>> I guess Perry will reject my mail in case it has):
>>
>> https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3
> I call FUD. If progress is to be made, fight the right fights.
>
> The SHA-3 specification was not "weakened", the blog confuses the
> effective security of the algorithtm with the *capacity* of the
> sponge construction.
SHA3 has been drastically weakened from the proposal that was submitted
and cryptanalyzed: See for example slides 43 and 44 of
https://docs.google.com/file/d/0BzRYQSHuuMYOQXdHWkRiZXlURVE/edit
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
