[ietf-dkim] Supporting alternate algorithms
dreymann at gmail.com
Mon Feb 20 15:09:27 PST 2006
Hallam-Baker, Phillip wrote:
> Having discussed this issue with the cryptographers the clear consensus
> there is that the announced weaknesses in SHA-1 almost certainly affect
> SHA-256 and that we should be looking for hash functions designed on
> different principles rather than promoting SHA-256 as a cure.
I concur. Last week I used the opportunity of the RSA conference to conduct
an informal survey with many of the world's best known cryptographers. They
have no evidence that SHA-256 is more than marginally better than SHA-1. The
consensus was that SHA-1 can still be used in the next few years, and that
when looking for a replacement we have to look beyond SHA-256.
More information about the ietf-dkim