SHA-3 is KECCAK

Chris Cain clcain at uncg.edu
Fri Jan 17 05:11:56 PST 2014


On Friday, 17 January 2014 at 11:37:26 UTC, Kagamin wrote:
> MD5 is good enough for most cases.

For any use where security isn't an actual concern, sure. If it's 
just to casually verify that a file transferred successfully 
(like an alternative to a checksum), then it's fine to use. But 
don't use it to secure anything against an attacker at this point.

> AFAIK, Keccak uses weird bit fiddling. Wasn't it considered a 
> bad practice since DES because specialized hardware would 
> give a considerable speedup, which will help in brute force 
> attacks?

Actually, the idea is that it _should_ be implemented in 
specialized hardware to make it faster. And improving brute force 
attacks in this manner will only provide a multiplicative 
increase in speed, and that's not a concern. The overall strategy 
of using brute force isn't going to be turned from infeasible to 
feasible because of that. It's still completely infeasible to 
find two different messages s.t. their SHA-3 hash is equal.

