Re: TEA (was Re: filesystem encryption)

Alex Alten (Andrade@netcom.com)
Mon, 29 Jun 1998 22:49:04 -0700

• Next message: Bill Stewart: "Re: unsubacribe"
• Previous message: Black Unicorn: "Re: Cryptanalysis (was Re: TEA (was Re: filesystem encryption))"
• In reply to: Paulo Barreto: "Re: Cryptanalysis (was Re: TEA (was Re: filesystem encryption))"
• Next in thread: Perry E. Metzger: "Re: TEA (was Re: filesystem encryption)"
• Reply: Perry E. Metzger: "Re: TEA (was Re: filesystem encryption)"

At 03:13 PM 6/29/98 -0400, Perry E. Metzger wrote:
>
>Cicero writes:
>> Alex Alten <Andrade@netcom.com> wrote:
>> >At 04:20 PM 6/24/98 -0400, mgraffam@mhv.net wrote:
>> >>Uh.. why not just use a hash algoritm to hash a passphrase down to
>> >>128 bits, if you really only want 64, just truncate it.
>> >
>> >Never truncate a hash, unless you understand its design.
>> >
>> >- Alex
>>
>> Can you give an example to illustrate your point? Are you saying that
>> there are instances where truncating SHA-1 or MD5 can lead to a
>> problem?
>
>I'm actually under the impression that using a truncated hash output
>in lieu of the hash produces a more secure result under many
>circumstances.
>

No. Hashes do not have perfect random output. If you truncate the output
you will introduce vulnerabilities not anticipated by the designer.

- Alex

--
Alex Alten
Andrade@Netcom.Com
P.O. Box 11406
Pleasanton, CA  94588  USA
(510) 417-0159

• Next message: Bill Stewart: "Re: unsubacribe"
• Previous message: Black Unicorn: "Re: Cryptanalysis (was Re: TEA (was Re: filesystem encryption))"
• In reply to: Paulo Barreto: "Re: Cryptanalysis (was Re: TEA (was Re: filesystem encryption))"
• Next in thread: Perry E. Metzger: "Re: TEA (was Re: filesystem encryption)"
• Reply: Perry E. Metzger: "Re: TEA (was Re: filesystem encryption)"