[cap-talk] Replacing SHA-1 with AES in reference pipelining
iang at systemics.com
Fri Oct 7 05:49:59 EDT 2005
Bill Frantz wrote:
> On 10/1/05, markm at cs.jhu.edu (Mark Miller) wrote:
>>Tyler Close wrote:
>>>Something to ponder... MarkM, what are your thoughts on this for E?
>>I am following the discussion. AFAI can tell, everything being said applies
>>equally well to both web-calculus & CapTP. I am not a cryptographer, so when a
>>clear consensus emerges in this discussion, I'll adopt it. Until then, and so
>>long as SHA-1 continues to look secure enough for now, my inclination is to
>>leave well alone and stick with SHA-1 in the meantime.
> I'm with Zooko. On the eve of a workshop on hash functions gathering
> some of the best cryptographers in the world, and with E's use of SHA1
> probably still being safe, waiting to see the results of the workshop is
> in order. Since I think it is likely that anything that replaces SHA1
> will have a longer hash, it is worth considering whether longer
> SturdyRefs will cause useability problems.
Yes. If you have an itch to code, then what you
might do is prepare the code to work with more than
one hash. By adding a hash type metric of some
form (I use both array length and a prefix). That's
much more work generally than any other part.
More information about the cap-talk