Weaknesses in SHA-1
Per Tunedal Casual
pt at radvis.nu
Sun Oct 3 20:09:33 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 10:46 2004-10-02, you wrote:
>``--------------------------------------------------------------------
>---On
>Sat, Oct 02, 2004 at 02:56:27AM -0400, Atom 'Smasher' wrote:
>> with all this talk of (allegedly!) weak and broken hashes, i'd like
>> to
>> throw out a construct to combine 2 or more hashes and (it seems)
>> make the
>> construct more secure than either one of the hashes independently:
>> take
>> two or more hashes and XOR them.
>
>And this creates what? Neither a sha1 or ripemed verification is
>possible.
>
>r = H(H(M))
>
>or
>
>H' = H(M)
>H' -> H1,H2
>H" = H(H1 xor H2)
>r = H(H")
>
>seems to me are better options, the first obviously faster than the
>second.
>the security improvements? none i guess if you're using anything else
>than md5 or sha{0,1}.
>
>/Thomas
>--
Would you please supply a legend? I cannot interpret your mail.
Per Tunedal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
iD8DBQFBYEBWaDDfzFT+2PIRAivPAJ4vsL6smPnIpNi3JtVEBj1Ji6xv9gCgmx4x
xCf8H59B9DqrK6rlvAaRXAc=
=TaZ4
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list