[openssl-dev] [openssl.org #3897] request: add BLAKE2 hash function (let's kill md5sum!)

Yoav Nir ynir.ietf at gmail.com
Thu Jun 11 10:15:38 UTC 2015 

That shouldn’t be too difficult (finding reviewers, I mean).

Is the ISE asking for volunteers to review? What kind of volunteers?  IMO what a reviewer needs to be able to say is:
 - The document is clear (you can implement based on this)
 - The algorithm might be useful in the IETF
 - The security claims are sufficient to what IETF protocols need
 - The security claims are backed up by either peer-reviewed academic papers or equivalent

So there’s a lot of people who can do all that. You don’t even need real cryptographers, although having at least one would be good. What is holding things up?

Yoav

> On Jun 11, 2015, at 11:50 AM, Jean-Philippe Aumasson <jeanphilippe.aumasson at gmail.com> wrote:
> 
> The status of the draft is unchanged ("Finding Reviewers"). Perhaps OpenSSL can speed up the review process.
> 
> BLAKE2 has a keyed (aka MAC/PRF) mode, so it may also replace Poly1305. A BLAKE2 MAC can be customized wrt key or tag size, and can provide the highest security level for a give key/tag size combination.
> 
> 
> 
> On Thu, Jun 11, 2015 at 10:15 AM Yoav Nir <ynir.ietf at gmail.com <mailto:ynir.ietf at gmail.com>> wrote:
> 
> > On Jun 11, 2015, at 2:36 AM, Bill Cox <waywardgeek at google.com <mailto:waywardgeek at google.com>> wrote:
> >
> > BLAKE2 rocks.  I'm looking forward to using it in many applications.
> >
> 
> Sure. I would be glad to see that used as a hash in signatures and in TLS, as a PRF in TLS and IKE, etc.
> 
> Does anyone know what the status of draft-saarinen-blake2 is?  If that progresses we can propose things like TLS_ECDHE_EdDSA_WITH_CHACHA20_POLY1305_BLAKE2[*] or PRF_BLAKE2.
> 
> Yoav
> 
> [*] I think we should call that ciphersuite “Suite-C” with ‘C’ standing for civilian, because this is a whole bunch of algorithms, none of which came from the government of the (pseudo-)military.
> 
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev <https://mta.openssl.org/mailman/listinfo/openssl-dev>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150611/2bf61bb6/attachment.html>

More information about the openssl-dev mailing list