Paulo Barreto (pbarreto@nw.com.br)
Mon, 29 Jun 1998 23:53:20 -0300

At 14:12 1998.06.29 +1000, Greg Rose wrote:
>The difference is that the left rotate (called a circular left shift in
>FIPS 180-1, http://csrc.nist.gov/fips/fip180-1.txt), has been added to
>the round function. There was no reason given for this change at the
>time, but one assumes it is because the NSA found an attack on it,

I've heard that the attack has been rediscovered and will be made public at
Crypto'98 in August (it's something called "differential collisions" --
note that the left rotate destroys bit alignment in the input while SHA-0
kept it; maybe that's the basis for the new attack).

Regards,
Paulo.
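
The bit-alignment remark in the message above can be checked on the expansion of the 16 message words into W_0..W_79, which is where FIPS 180-1 places the one-bit circular left shift. The following Python is an added example, not part of the original message; the function names and the base block are constructed for illustration.

```python
MASK = 0xFFFFFFFF

def rotl(x, n):
    """32-bit circular left shift (n = 0 leaves x unchanged)."""
    return ((x << n) | (x >> (32 - n))) & MASK if n else x

def expand(block_words, rotate):
    """Expand 16 message words to 80 words W_0..W_79.

    rotate=0: expansion without the rotate (SHA-0).
    rotate=1: expansion with the one-bit left rotate (SHA-1, FIPS 180-1).
    """
    w = list(block_words)
    for t in range(16, 80):
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], rotate))
    return w

# Constructed sample block, not real message data.
BASE_BLOCK = [(0x01234567 * (i + 1)) & MASK for i in range(16)]

def affected_bit_positions(rotate, bit=0, word=0):
    """Flip one bit of one input word and return the set of bit positions
    (0..31) at which any of the 80 expanded words changes."""
    flipped = list(BASE_BLOCK)
    flipped[word] ^= 1 << bit
    diff = 0
    for a, b in zip(expand(BASE_BLOCK, rotate), expand(flipped, rotate)):
        diff |= a ^ b
    return {i for i in range(32) if (diff >> i) & 1}

if __name__ == "__main__":
    for name, rotate in (("SHA-0", 0), ("SHA-1", 1)):
        positions = sorted(affected_bit_positions(rotate, bit=0))
        print(f"{name}: flipping bit 0 of W_0 touches bit positions {positions}")
```

Without the rotate, a one-bit input difference stays in its own bit position through all 80 words, so the expansion behaves as 32 independent one-bit-wide systems; with the rotate, the same difference moves into neighbouring positions.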
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:19:13 ADT