On Jan 29, 2008, at 1:16 PM, Colin Watson wrote: > Do you know what the state of cryptanalytic research is on > Whirlpool? My > concern is that the MD5/SHA family, for all its faults, has been > extremely extensively cryptanalysed, and at least we know where we > stand, while the other families are still relatively unknown.
That's correct. Whirlpool is AES-based, which is slightly reassuring, but its designers have to my knowledge never presented it in an academic conference; even so, it passed quite some scrutiny when it was submitted to (and subsequently selected by) the NESSIE project. For high-security applications, combining a SHA-2 variant and either RIPEMD-160 or Whirlpool is sufficient to satisfy even the professionally paranoid among us. I chose a SHA-256+Whirlpool combination for signature verification in the OLPC firmware. -- Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss