Hacker News new | past | comments | ask | show | jobs | submit login
Ron Rivest on why MD6 was withdrawn from the SHA-3 contest at NIST (csail.mit.edu)
39 points by soundsop on July 28, 2009 | hide | past | favorite | 5 comments



It seems to be a very classy withdrawal. I wonder how much the other candidates satisfy the two 'suggestions'.


You echo Bruce Schneier's sentiments.

http://www.schneier.com/blog/archives/2009/07/md6.html


In case anybody is interested, the md6 reference implementation is here: http://groups.csail.mit.edu/cis/md6/code/md6_c_code-2009-04-... , this was the one submitted to NIST and has now apparently been withdrawn.


Note that this is not identical to withdrawing MD6 from the "SHA-3 contest" -- they are just not entering the next round of the contest, because they haven't figured out how to prove the resistance of MD6 to differential attacks while making it as efficient as NIST require.

http://groups.csail.mit.edu/cis/md6/


Why not submit it on a provisional basis? i.e. full rounds, and let it be slow.

Would NIST reject it outright?




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: