So I haven't been keeping track of the SHA-3 competition as well as I have been.... | Hacker News

HN2new | past | comments | ask | show | jobs | submit

		djcapelis on Dec 11, 2010 \| parent \| context \| favorite \| on: SHA-3 Finalists Announced So I haven't been keeping track of the SHA-3 competition as well as I have been. Do you (or anyone else who happens to wander by on HN) happen to know if all of these finalists are using non-MD constructions that are resistant to length extension nonsense? Is there a possibility among these choices that NIST could still possibly pick a SHA-3 vulnerable to length extension?

tptacek on Dec 11, 2010 [–]

Resistance to length-extension attacks is one of NIST's requirements for the competition; a hash that had that vulnerability would have been disqualified.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact