excerpting, we have
James A. Donald wrote:
Weaker in ways that the NSA has examined, and the people that chose
the winning design have not.
Viktor Dukhovni replies:
Just because they're after you, doesn't mean they're controlling
your brain with radio waves. Don't let FUD
On 2013-10-01 08:51, Watson Ladd wrote:
On Mon, Sep 30, 2013 at 2:21 PM, James A. Donald jam...@echeque.com
mailto:jam...@echeque.com wrote:
Weaker in ways that the NSA has examined, and the people that
chose the winning design have not.
This isn't true: Keccak's designers proposed a
On 2013-10-01 10:17, John Kelsey wrote:
Yeah, that plot to weaken sha3 is so secretive, we've been discussing it in
public slide presentations and on public mailing lists for six months.
All big conspiracies get exposed - I would make a list, but that would
derail the conversation.
It does
On 1/10/13 00:21 AM, James A. Donald wrote:
On 2013-10-01 00:44, Viktor Dukhovni wrote:
Should one also accuse ESTREAM of maliciously weakening SALSA? Or
might one admit the possibility that winning designs in contests
are at times quite conservative and that one can reasonably
standardize
On 9/30/13 at 4:09 PM, cryptogra...@dukhovni.org (Viktor Dukhovni) wrote:
Just because they're after you, doesn't mean they're controlling
your brain with radio waves. Don't let FUD cloud your judgement.
ROTFLOL!
---
Bill
On Oct 1, 2013, at 4:48 AM, ianG i...@iang.org wrote:
...
This could be the uninformed opinion over unexpected changes. It could also
be the truth. How then to differentiate?
Do we need to adjust the competition process for a tweak phase?
Let's whiteboard. Once The One is chosen, have
On Tue, 2013-10-01 at 12:47 -0400, John Kelsey wrote:
The actual technical question is whether an across the board 128 bit
security level is sufficient for a hash function with a 256 bit
output. This weakens the proposed SHA3-256 relative to SHA256 in
preimage resistance, where SHA256 is
On 2013-09-30 14:34, Viktor Dukhovni wrote:
On Mon, Sep 30, 2013 at 05:12:06AM +0200, Christoph Anton Mitterer wrote:
Not sure whether this has been pointed out / discussed here already (but
I guess Perry will reject my mail in case it has):
On Mon, Sep 30, 2013 at 05:45:52PM +1000, James A. Donald wrote:
On 2013-09-30 14:34, Viktor Dukhovni wrote:
On Mon, Sep 30, 2013 at 05:12:06AM +0200, Christoph Anton Mitterer wrote:
Not sure whether this has been pointed out / discussed here already (but
I guess Perry will reject my mail
On Mon, 2013-09-30 at 14:44 +, Viktor Dukhovni wrote:
If SHA-3 is going to be used, it needs to offer some advantages
over SHA-2. Good performance and built-in support for tree hashing
(ZFS, ...) are acceptable reasons to make the trade-off explained
on slides 34, 35 and 36 of:
Well I
On 2013-10-01 00:44, Viktor Dukhovni wrote:
Should one also accuse ESTREAM of maliciously weakening SALSA? Or
might one admit the possibility that winning designs in contests
are at times quite conservative and that one can reasonably
standardize less conservative parameters that are more
On Tue, Oct 01, 2013 at 07:21:03AM +1000, James A. Donald wrote:
On 2013-10-01 00:44, Viktor Dukhovni wrote:
Should one also accuse ESTREAM of maliciously weakening SALSA? Or
might one admit the possibility that winning designs in contests
are at times quite conservative and that one can
On Mon, Sep 30, 2013 at 2:21 PM, James A. Donald jam...@echeque.com wrote:
On 2013-10-01 00:44, Viktor Dukhovni wrote:
Should one also accuse ESTREAM of maliciously weakening SALSA? Or
might one admit the possibility that winning designs in contests
are at times quite conservative and that
Hey.
Not sure whether this has been pointed out / discussed here already (but
I guess Perry will reject my mail in case it has):
https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3
This makes NIST seem somehow like liars,... on the one hand they claim
to surprised by the alleged
On 2013-09-30 13:12, Christoph Anton Mitterer wrote:
https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3
This makes NIST seem somehow like liars
If one lie, all lies.
___
The cryptography mailing list
cryptography@metzdowd.com
On Mon, Sep 30, 2013 at 05:12:06AM +0200, Christoph Anton Mitterer wrote:
Not sure whether this has been pointed out / discussed here already (but
I guess Perry will reject my mail in case it has):
https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3
I call FUD. If progress is to
16 matches
Mail list logo