Hacker News new | past | comments | ask | show | jobs | submit login

Just held to the same standards of cryptanalysis that the community decides imbues a cryptohash with trust for use.

Pretty standard, and consistent with the rest of the text.

What did you think it meant?






Nothing in particular, but, like, there was just a NIST competition that produced SHA3, and "vetted" Blake2, and this wasn't submitted to it. It's not like there's a test suite to which you can just submit a cryptographic hash to validate it. You actually have to convince a bunch of mathematicians to do studies of your hash, right?

I'm not trying to pick on you, it's just that this keeps coming up with constructions like PCG. There's a cryptographic literature, and then a side-hustle of people building stuff like this. We used to have a sci.crypt discourse about it, but now I worry that HN has lost the antibodies.


There's 2 hashes here. Rainbow is non-crypto, rainstorm is proposed as a crypto-hash, requiring cryptanalysis. It's not claiming to be validated as a cryptohash by SMHasher3, which tests statistical properties. You need (crypt)analysis to say it's a secure and trusted crypto-hash. This was developed a couple months past the NIST submission deadline for SHA3.

Maybe your immune response was wrongly triggered? It happens. But what we really need antibodies against is excessive negativity and vague criticism, combined with attempts to justify the same with "you're not someone who is supposed to do that" gatekeeping.

Could some of this be motivated by the fact that you want to do stuff like this yourself, but instead of doing so, or analyzing it, you just criticize it, inappropriately? I don't think you're trying to pick on me, just confused and powered by righteous protective instinct that is better were it more informed and discerning. Reflect some?


No immune response! Making new things and posting them is an absolute good thing. I'm literally asking, straight up: what's the use case for a hash that is "more secure" than an insecure hash, but "less vetted" than an actual cryptographic hash. That's all.

Alright - if you want a strict use case for rainstorm in 2024 before public cryptanalysis: as a subject of cryptanalysis and experiment; as a way to make your name as a junior cryptographer attacking it.

What other ideas can you think of? How about in a construct for password hashing? You can add more rounds to the loop to increase the cost like pbkdf1/2.

For rainbow you can use it in place of whatever other non-crypto hash you have, especially if you want fast 128 or 256 bit widths.


Yep. Dunno. A question! It's the Internet, I get it, I'd bucket responses into "this is amazing" and "this is the worst" too. I have a more philosophical question here. :)

You would? That’s not what I’m doing: "bucketing". I always assume good, but look at everything closely, and call it out if I see it. I respond to what’s there individually.

If you're trying to be friendly you got a funny way about it. What’s your philosophical question?


The one at the root of the thread: "why would I ever use a hash that's slower than the fast, 'insecure' hashes, and isn't a serious cryptographically secure hash". This comes up a bunch!

Rainstorm is serious, but not yet publicly vetted. Anyway, I thought that might be your question. You don't have any answers?

If not...Oh well, you might have to wait until it gets analyzed a lot. Use Rainbow now without fear: fast, statistically great, and unlikely collisions - which makes most uses better. As someone else put it: "fastest 128-bit and 256-bit non-crypto hash, passes all tests, and under 140 source lines of code."


Why do you expect cryptography researchers to analyze your hash? That's maybe the question I should have started with.

Probably is. Why do you not expect them to?

I'm sure they will eventually, not too long. What's your big concern / lack of confidence here?

In the meantime you can take care of it and nurture it by encouraging people to analyze it, using your influential voice for good.


I'd be happy to if I understood better why someone would want to undertake that project, which is why I asked. There is an enormous literature on cryptographic hashing; where does your hash fit into it?

Nice question! Rainstorm pulls from a rich history of ciphers and cryptohashes. It’s based on ARX-like mixing (though it swaps addition for subtraction—hence XSR: XOR, Subtract, Rotate) to create non-linearity, while borrowing structural ideas from Feistel networks, sponge constructions, and Merkle–Damgård iteration. It fits into the “experimental hybrid” category, exploring whether combining paradigms can offer fresh resilience or reveal new weaknesses. Definitely more to expand on, and you can read more, here: https://dosaygo-research.github.io/rain/paper/crypto-note.pd...

Hopefulyl this gives an overview of some of the historical influences and inspirations.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: