Securely downloading Ubuntu
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Tue Jan 29 13:48:44 UTC 2008
On Jan 29, 2008, at 1:16 PM, Colin Watson wrote:
> Do you know what the state of cryptanalytic research is on
> Whirlpool? My
> concern is that the MD5/SHA family, for all its faults, has been
> extremely extensively cryptanalysed, and at least we know where we
> stand, while the other families are still relatively unknown.
That's correct. Whirlpool is AES-based, which is slightly reassuring,
but its designers have to my knowledge never presented it in an
academic conference; even so, it passed quite some scrutiny when it
was submitted to (and subsequently selected by) the NESSIE project.
For high-security applications, combining a SHA-2 variant and either
RIPEMD-160 or Whirlpool is sufficient to satisfy even the
professionally paranoid among us. I chose a SHA-256+Whirlpool
combination for signature verification in the OLPC firmware.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
More information about the Ubuntu-devel-discuss
mailing list