RE: [Hash] Charter discussion, round 1

Paul Hoffman <> Wed, 22 June 2005 00:15 UTC

Received: from localhost.localdomain ([] by with esmtp (Exim 4.32) id 1Dksu4-0003D2-Cw; Tue, 21 Jun 2005 20:15:40 -0400
Received: from ([] by with esmtp (Exim 4.32) id 1Dksu2-0003A6-13 for; Tue, 21 Jun 2005 20:15:38 -0400
Received: from (ietf-mx []) by (8.9.1a/8.9.1a) with ESMTP id UAA29866 for <>; Tue, 21 Jun 2005 20:15:36 -0400 (EDT)
Received: from ([]) by with esmtp (Exim 4.33) id 1DktI3-0003pL-7O for; Tue, 21 Jun 2005 20:40:27 -0400
Received: from [] ( []) (authenticated bits=0) by (8.12.11/8.12.9) with ESMTP id j5M0FRKT010505; Tue, 21 Jun 2005 17:15:30 -0700 (PDT) (envelope-from
Mime-Version: 1.0
Message-Id: <p0623093bbede5b98c918@[]>
In-Reply-To: <> <>
References: <> <> <> <>
Date: Tue, 21 Jun 2005 17:15:33 -0700
To: "Jim Schaad" <>, "'Russ Housley'" <>
From: Paul Hoffman <>
Subject: RE: [Hash] Charter discussion, round 1
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1
X-Mailman-Version: 2.1.5
Precedence: list
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>

At 12:20 PM -0700 6/17/05, Jim Schaad wrote:
>  > >3.  I think that adding explicit deliverables for phase 2
>>  could wait, I
>>  >think it must wait until a re-charter for phase 3.
>>  Are you saying that we can do a good job on Phase 2 even if
>>  the participation from the international crypto community is low?
>Yes I think so, we are identifying the locations where hash functions are
>being used or are likely to be used in IETF protocols.  We are then
>specifying what prosperities are needed in these situations.  This does not
>seem to be highly reliant on big research issues.

At 10:04 AM -0400 6/20/05, Russ Housley wrote:
>I would like to see more discussion of this point on this mail list 
>and ant the BoF.  You might be able to convince me that we should 
>include Phase 1 and Phase 2 in the first version if the charter.

Remember that this effort is intended to be done in an IETF Working 
Group, and WGs are inherently open to all participants. If we begin 
the work or deciding the criteria that make a good hash without the 
experts from the international crypto community who understand those 
criteria being on-board, the WG will probably tend towards 
non-experts quoting (and misquoting) what they read in the trade 

There is the additional factor that we are just finding out some 
important things about hashes, and have heard very few analyses of 
that new information. Do the discoveries by Wang et. al. only apply 
to collisions? If we wait a year or two, will the crypto community be 
able to extend those into measurable preimage attacks? If so, what 
will we know then?

I'm not saying we need to wait on chartering phase 2, but we should 
certainly not try to rush this based on our limited information.

--Paul Hoffman, Director
--VPN Consortium

Hash mailing list