On 2009-06-05 16:09, mik...@gmail.com wrote:
On Jun 5, 11:46 pm, Christian Heimes<li...@cheimes.de> wrote:
mik...@gmail.com schrieb:
As every one related to security probably knows, Rivest (and his
friends) have a new hashing algorithm which is supposed to have none
of the weaknesses of MD5 (and as a side benefit - not too many rainbow
tables yet). His code if publicly available under the MIT license.
Is there a reason not to add it to the standard lib, following the
hashlib "protocol"?
Somebody has to write and add a md6 wrapper to the standard library.
It's going to take some time, at least 18 months until Python 2.8 and
3.2 are going to be released.
Do you need a wrapper for md6? I could easily write one in about an hour.
Christian
It's not that I need it, I can sure use it. I can also write a wrapper
myself.
My secret agenda is too see if other people want it and write it as an
addition to the standard lib, thus wetting my feet in Python Core
Development without actually breaking anything :)
My gut feeling is that it's too new. In a year, the current round of the SHA-3
competition will be over, you will have much more information about how MD6
fares against its competitors, and you will still have some time to get it into
Python 2.8/3.2. We don't actually *know* that it doesn't have equivalent
weaknesses until the cryptanalysts try to break it for a year or so. :-)
--
Robert Kern
"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco
--
http://mail.python.org/mailman/listinfo/python-list
