Personally, I'd like to see OpenSSL start using private key crypto as hashing functions. The reason that work on dedicated hashing algorithms kinda died off after MD[45]/SHA* came out was that people figured out that they were the equivalent of private key encryption.


IIRC, you can turn any private key crypto system into a hashing algorithm. Given an encryption function c = f(k, p) where c is the resulting ciphertext, k is the private key, and p is the plaintext, you can use it as a hash function s' = h(t, s) where s' is the new hash state, s is the previous hash state, and t is the text to hash, by just going h(t, s) = f(t, s). Note that the text being hashed becomes the key for the encryption function, not the plaintext! This assumes no weak keys for the cipher, obviously. Breaking the hashing function is then equivalent to launching a known-plaintext attack on the cipher.


As long as it's matrix into matrix it is matrix into matrix :) just one flaw being the hash collision.


You can also use any hashing function to make a private key encryption algorithm. Even if the hashing function isn't invertible itself, you can use it as a (very expensive) s-box in a 1-round Feistel network. Note that the key is the two text blocks being hashed - the previous state is the plaintext and the next state is the ciphertext.


Lots of BIG BIG Rubik Cubes and write the message on the sides and twist and turn based on the "key".. wonder why the army doesn't use it ;)



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
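
The h(t, s) = f(t, s) construction from the first message, as an added example that is not part of the original thread or of OpenSSL. It assumes XTEA as the cipher f, a constructed IV, and a simple length padding; it also goes one step beyond the message by offering the standard Davies-Meyer feed-forward (XOR of the old state) as an option. XTEA's 64-bit block makes the digest far too short for real use.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* XTEA (64-bit block, 128-bit key) stands in for the cipher f(k, p). */
static void xtea_encrypt(const uint32_t k[4], uint32_t v[2]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* s' = f(t, s): the message block t is the key, the state s the plaintext.
   feed_forward != 0 gives the Davies-Meyer form s' = f(t, s) XOR s. */
static void step(const uint32_t t[4], uint32_t s[2], int feed_forward) {
    uint32_t old0 = s[0], old1 = s[1];
    xtea_encrypt(t, s);
    if (feed_forward) { s[0] ^= old0; s[1] ^= old1; }
}

/* Chain step() over 16-byte blocks, then a 0x80-padded tail block and a
   length block. Blocks are loaded in host byte order (illustration only). */
uint64_t cipher_hash(const void *msg, size_t len, int feed_forward) {
    const unsigned char *p = msg;
    uint32_t s[2] = {0x01234567u, 0x89ABCDEFu}, t[4];  /* constructed IV */
    unsigned char buf[16] = {0};
    uint64_t bits = (uint64_t)len * 8;
    size_t off = 0;
    for (; len - off >= 16; off += 16) {
        memcpy(t, p + off, 16);
        step(t, s, feed_forward);
    }
    memcpy(buf, p + off, len - off);   /* tail: 0..15 leftover bytes */
    buf[len - off] = 0x80;
    memcpy(t, buf, 16);
    step(t, s, feed_forward);
    memset(buf, 0, 16);                /* final block carries the bit length */
    memcpy(buf, &bits, 8);
    memcpy(t, buf, 16);
    step(t, s, feed_forward);
    return ((uint64_t)s[0] << 32) | s[1];
}

int main(void) {  /* "abc" is a constructed sample input */
    printf("%016llx\n", (unsigned long long)cipher_hash("abc", 3, 0));
    printf("%016llx\n", (unsigned long long)cipher_hash("abc", 3, 1));
    return 0;
}
```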
