> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Jay Foster
> Sent: Thursday, May 14, 2015 18:09
> To: openssl-users@openssl.org
> Subject: [openssl-users] Truncating A Hash
>
> What is the down side of truncating a hash? For example, an SHA-256
> hash is 256 bits.
On Thu, May 14, 2015 at 03:09:10PM -0700, Jay Foster wrote:
> What is the down side of truncating a hash? For example, an SHA-256 hash is
> 256 bits. Is it any less secure if one was to drop the last 128 bits to
> make a 128 bit hash
Yes, a truncated hash is less secure against both collision a
What is the down side of truncating a hash? For example, an SHA-256
hash is 256 bits. Is it any less secure if one was to drop the last 128
bits to make a 128 bit hash or take the MD5 hash of the SHA-256 hash to
get a 128 bit hash? It does not seem that such an action would make it
any easie
On 5/13/2015 10:19 AM, Matt Caswell wrote:
>
>
> On 08/05/15 09:40, Matt Caswell wrote:
>>
>>
>> On 08/05/15 02:28, Jeffrey Altman wrote:
>>
>>> Regardless, the inability to improve the support in this area has left
>>> the those organizations that rely upon 2712 with the choice of use
>>> insecu
Thanks Dave.
Sure I can't recover the private key from the public. Otherwise it wouldn't
make any sense to use the DSA algorithm at all.
I dig a little into fips code and think using FIPs test vectors to validate
my API is not practical.
Looks like FIPs deals with openssl internals to test it. St
