Feedback about hash functions #2512

Open
randomstuff opened this issue Jan 8, 2025 · 0 comments
Labels
1) Discussion ongoing (Issue is opened and assigned but no clear proposal yet); AppendixV (Appendix with crypto details); _5.0 - Not blocker (This issue does not block 5.0 so if it gets addressed then great, if not then fine.)

Comments

Contributor

randomstuff commented Jan 8, 2025

Feedback from Bart Preneel.

Add a note stating that SHA256 and SHA512 are vulnerable to extension attacks, where an attacker can compute, from h(x) and y, h(x||y) without knowing x (this is not a property that a well-designed hash function satisfies).

LGTM.

Remove KMAC128 and KMAC256 as these are MAC algorithms and not hash functions.

Yes, indeed.

About Blake2s, Blake2b, Blake3: I just would like to point out that these algorithms are NOT the outcome of an open competition and have received much less scrutiny than other hash functions in the list.

Does it make sense to add a column in the appendix for this?

tghosth added the labels "1) Discussion ongoing", "_5.0 - Not blocker" and "AppendixV" on Jan 8, 2025