L. Sassaman
Fri, 14 Apr 2000 02:56:42 -0700 (PDT)

Hash: SHA1

On Fri, 14 Apr 2000, Werner Koch wrote:

> Most banks here in Germany prefer RIPEMD160 over SHA1; I don't know
> why ;-)
Ah, politics. I love the fact that practically all of the AES candidates have non-US cryptographers working on them... :) Regardless of who developed SHA-1, it is the opinion of numerous well-respected cryptographers both in the USA and abroad that it is sound, and that DSS is correct in requiring it. An aside: those mysterious S-Box values in DES turned out to be not a back door placed by No Such Agency, but instead a clever construction to defend against differential cryptanalysis. When the NSA does things, they generally do them well... DES is cryptographically sound; 56 bit is just too damn small now. SHA-1 is far less controversial than the DES S-Boxes. RIPEMD160 could be just as good, but I trust SHA-1 with DSS more simply based on the collective opinion of the industry experts. - --Len. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger:// | --Joe Diffie -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE49uthPYrxsgmsCmoRAq4wAKCK1KaWpj2mIA5l4gZuyMbmM+/aJACgyWuD VIqpvFTAePuUr5tLP+AOR/Q= =JLh8 -----END PGP SIGNATURE-----