Is there an algorithm that computes the strength of a digest alg? (original) (raw)
Bruce Rich brich at us.ibm.com
Mon Oct 24 15:34:44 UTC 2011
- Previous message (by thread): Is there an algorithm that computes the strength of a digest alg?
- Next message (by thread): Is there an algorithm that computes the strength of a digest alg?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
For the algorithms that NIST recognizes and approves, the doc linked below has some strength comparisons in tables near page 60
http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf
Bruce A Rich brich at-sign us dot ibm dot com
From: Bradford Wetmore <bradford.wetmore at oracle.com> To: Weijun Wang <weijun.wang at oracle.com> Cc: "Xuelei.Fan at oracle.com" <Xuelei.Fan at oracle.com>, OpenJDK <security-dev at openjdk.java.net> Date: 10/23/2011 10:47 PM Subject: Re: Is there an algorithm that computes the strength of a digest alg? Sent by: security-dev-bounces at openjdk.java.net
I don't know of anything like that. As Michael points out, key Lengths by themselves are not always a good indicator of relative stength.
BTW, JSSE hard-codes the choices.
Brad
On 10/23/2011 6:52 PM, Weijun Wang wrote:
Hi Andrew
I need a method boolean isWeakerThan(String a1, String a2) so that isWeakerThan("MD5", "SHA1") returns true and isWeakerThan("SHA-256", "SHA1") returns false. I know you have done a lot of constraints works in JDK 7. Do you have an existing one? Otherwise, I plan to manually assign a value to each known algorithm and compare it. Thanks Max
-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20111024/62ddac0a/attachment.htm>
- Previous message (by thread): Is there an algorithm that computes the strength of a digest alg?
- Next message (by thread): Is there an algorithm that computes the strength of a digest alg?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]