Steven M. Bellovin wrote:
So -- what should we as a community be doing now? There's no emergency
on SHA1, but we do need to start, and soon.
The wider question is how to get moving on new hash
algorithms. That's a bit tricky.
Normally we'd look to see NIST or the NESSIE guys
lead a competition. But NESSIE just finished a
comp, and may not have the appetite for another.
NIST likewise just came out with SHA256 et al, and
they seem to have a full work load as it is trying
to get DSS-2 out.
How about the IACR? Would they be up to leading
a competition? I don't know them at all myself,
but if the Shandong results are heard at IACR
conferences, then maybe it's time to take on a
larger role.
Most of the effort could be volunteer, and it would
also be easy enough to schedule everything aligned
with the conference circuit.
Just a thought. Anyone know anyone at the IACR?
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
