[Ach] Vote for new Cipherstring B [Was: Issue with OpenSSL >0.9.8l]
Philipp Gühring
pg at futureware.at
Wed Jun 4 17:13:56 CEST 2014
Hi,
My guess is that those hash algorithms that leak all their internal state will also be a better target for pre-image and collission and similar attacks, than those where you do not get the full state.
ianG <iang at iang.org> schrieb:
>On 4/06/2014 14:14 pm, Philipp Gühring wrote:
>> Hi,
>>
>> I dont't mind dropping *256, but I currently believe that SHA384 is
>the
>> only secure hash in the SHA2 family, all other hashes leak their
>> complete internal state. Length-Extension-Attack...
>
>
>Point. But, is a length extension attack relevant to HMAC use?
>Doesn't
>the HMAC shield from this very attack?
>
>
>
>iang
>_______________________________________________
>Ach mailing list
>Ach at lists.cert.at
>http://lists.cert.at/cgi-bin/mailman/listinfo/ach
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140604/03fa1a62/attachment.html>
More information about the Ach
mailing list