Author: tomzhi
Date: Jul 27, 2008 23:58
According to the news three years ago, MD5 and SHA1 seem no longer
sufficiently safe.
News link: http://www.eetimes.com/showArticle.jhtml?articleID=60402150
NIST also encourages people and organizations to make a transition on
its hash algorithm from SHA-1 or MD5 to more advanced ones, such as
SHA256, SHA384, SHA512.
So, I have a question that according to current technology, is SHA256
sufficiently safe as the hash algorithm and is it supposed to be safe
enough in the coming 5 years, if no new crypto attack method about
hash algorithm is invented only with the computation ability
increasing under Moore's Law.
Thank you for your reply :)
2 Comments

Author: tomzhi
Date: Jul 27, 2008 23:52
According to the news three years ago, MD5 and SHA1 seem no longer
sufficiently safe.
News link: http://www.eetimes.com/showArticle.jhtml?articleID=60402150
NIST also encourages people and organizations to make a transition on
its hash algorithm from SHA-1 or MD5 to more
advanced ones, such as SHA256, SHA384, SHA512.
So, I have a question that according to current technology, is SHA256
sufficiently safe as the hash algorithm and is
it supposed to be safe enough in the coming 5 years, if no new crypto
attack method about hash algorithm is invented
only with the computation ability increasing under Moore's Law.
Thank you for your reply :)
no comments

Author: Douglas Eagleson
Date: Jul 27, 2008 08:06
l on the internet appears the issue concerning Skype.
As encryption goes a donut algorithm would likely attack. Donuts take
the first alphabet and then allow all ASCII to appear as the signal
code.
A codec transform binary to signal.
Allow the first clear signal to be the decrypted signal. A basic
decoding was not the only method as a technique to attacking all
encrypted analog signals. Take the first set. And shuffle as a long
signal. Assume a binary represents a certain signal strength. And
assume a message block size, or signal duration.
Shuffle. As the next block appears overlay as single words. And
shuffle again the first message block in its entirety. So a signal in
encrypted form will randomly appear. A quite arbitrary signal in
simulation only of the true signal.
Alphabet as signal strength then occurs. A decryption then demands a
complete hard crack of this first message block. Shuffle the block as
a hard crack occurs.
1 Comment

Author: imecs_2008
Date: Jul 26, 2008 22:42
Last Call for Papers: International Conference on Modeling, Simulation
and Control (ICMSC 2008)
From: International Association of Engineers (IAENG)
San Francisco, USA, 22-24 October, 2008
http://www.iaeng.org/WCECS2008/ICMSC2008.html
Important Dates:
Draft Paper Submission Deadline (extended): 30 July, 2008
Camera-Ready Papers Due & Registration Deadline: 16 August, 2008
WCECS 2008: 22-24 October, 2008
no comments

Author: Borked Pseudo Mailed
Date: Jul 26, 2008 14:14
http://www.theregister.co.uk/2008/07/25/skype_backdoor_rumours/
For years I have advocated that the purchase of Skype by eBay was incited by the U.S. government who wanted to put in code so they are able to intercept Skype communications. Here's more proof of this, although hard proof is still out.
I call on Open Source developers to create a Skype clone with full encryption which cannot be intercepted.
2 Comments

Author: Bob Jenkins
Date: Jul 26, 2008 10:58
I'm looking at building a cryptographic hash starting with a weak
bijective function f.
Most attacks rely on differentials. If you can attack a structure
with n rounds of f, that comes down to finding n separate
differentials where you get to choose the input of just one of them.
(Unless you can find differentials that map to themselves, say ff(x+d)
= ff(x)+d, like Fluhrer's attack on Mercy. I'll assume that f has
been screened for differentials like that.)
One question is how big should n be. I'll make a stab in the dark: if
every one-bit differential usually affects every bit forward by at
least 25% after x rounds and backwards by at least 25% after y rounds,
then n = 2(x*y) is a good guess. I think I've seen 1.5 rather than 2
used in practice.
Another question is, given that n=30 rounds of f is enough, how do you
combine data blocks with the permutation to build a hash? How do you
associate a key with the permutation?
6 Comments

Author: Anonymous Remailer
Date: Jul 26, 2008 09:18
http://www.theregister.co.uk/2008/07/25/skype_backdoor_rumours/
For years I have advocated that the purchase of Skype by eBay was incited by the U.S. government who wanted to put in code so they are able to intercept Skype communications. Here's more proof of this, although hard proof is still out.
I call on Open Source developers to create a Skype clone with full encryption which cannot be intercepted.
22 Comments

Author: WTShaw
Date: Jul 26, 2008 06:54
6) On the subject of stronger algorithms, the necessity of obscure key
generation is the question. If all keys are tightly searchable,
security options are also limited. But an unsearchable key space with
virtually unlimited means of generating keys all which could be used
with a specific algorithm makes more than good sense. For test
purposes, something trivial is OK but if used for security, such keys
are likely foolish.
The average stupid user, many are, seeks simple security and can get
that or less. The most secret of adequate keys when not closely held
are in fact shared keys; strangers hold no virtue if their values
diverge from yours. The big truth is that sales arguments are for
taking rather than for giving and it is easy to be taken.
The rant against security by obscurity might only be narrowly valid
where generic information is to be openly discussed but otherwise that
noise probably amounts only to mere attempted intimidation for one of
many possible reasons. Uncountable good algorithms are possible and
having more of them is good. If you preach status quo because you
have all the answers, you don't.
no comments

Author: Douglas Eagleson
Date: Jul 26, 2008 05:21
A while ago I posted basic code on how to hide a channel amongst three
channels.
A,B,C are three data channels amongst the single channels. A time
division multiplexing appears the common method of many channels on a
single data line.
What happens is a hidden channel appears and the ciphertext binary
set was distributed amongst the whole A,B,C set. A random background
to all three A,B,C channels disallows easy data detection.
All that is necessary appears the actual name for this technique. A
code to exactly distribute the data inside the three channels appears
a class of encipherment. And so I get to ask for the technique's name.
Please what is this technique's real name?
Thanks
Doug
eaglesondouglas123@ yahoo.com
no comments

Author: amzoti
Date: Jul 25, 2008 13:54
Hi All,
We are all used to test vectors for testing algorithms.
I was wondering if there is a set of test vectors for differing bit
lengths for a multi precision math library.
This would include results for such things as adding, subtracting,
modula, exponents and the like to support a crypto library.
Do such vectors exist?
I can generate such things using CAS's - but was wondering if there
are standard test vector sets.
Thanks for any pointers.
~A
no comments