On Tue, 2006-28-11 at 11:11 +0000, Daniel Carrera wrote:
Yes, that would be good. We can say that SHA1, SHA256, SHA512 and
RIPMEND-160 are all ok (list taken from xmlenc), but all implementations
must support at least SHA256 but preferably all.
I know this is moving further away from Florian's list, but I think we
should also include WHIRLPOOL. There are good reasons for this:
1) SHA and RIPMEND are based on the same design principles, the same as
MD4/MD5, and hashes from this family are continuously being broken (MD4,
MD5, SHA-0, SHA-1 and the original RIPMEND). Some worry that there is a
fundamental design problem (see Bruce Schneier) and we need a completely
different algorithm.
WHIRLPOOL is the only popular hash I know of that is of a different
design.
2) WHIRLPOOL is an ISO standard (ISO/IEC 10118-3), is un-patented, is
believed to be secure, and it has been recommended by the NESSIE
project.
NESSIE = New European Schemes for Signatures, Integrity and Encryption
http://en.wikipedia.org/wiki/NESSIE
I notice that NESSIE did _not_ recommend SHA-1 at all, but only the
later variants.
In fact, why don't we use the NESSIE list instead of xmlenc? NESSIE's
list is WHIRLPOOL, SHA-256, SHA-384 and SHA-512.
I would feel more comfortable using this list than the other one. And we
could say that applications must support at least WHIRLPOOL and SHA-256.
What do you think?
Cheers,
Daniel.
22 messages in org.oasis-open.lists.officeRe: [office] Passwords
.pgp