More on Hashes

Posted on April 21, 2005 at 15:35

Since I last wrote about the problem with hashes, there has been a fair bit of activity and some progress:

An internet draft is available describing the nature of the attacks on hash functions, and how different internet applications are affected. [2018-03-02: This became RFC 4270.]
According to the OpenSSL changes file, additional hash algorithms are going to be supported in version 0.9.8. There is no indication of a date for that release, though.
Don Eastlake’s internet draft on Additional XML Security Uniform Resource Identifiers (URIs) has progressed to its final status as RFC 4051.

I have updated my previous article to reflect this.

[2018-03-02: The Hoffman draft is now RFC 4270.]