> To support this claim, we review the cryptanalysis progress in the last 20 yea... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Joker_vD on July 6, 2023 \| parent \| context \| favorite \| on: I want XAES-256-GCM/11 > To support this claim, we review the cryptanalysis progress in the last 20 years, ...and rationally and scientifically assuming that the rate of the progress won't increase and that there will be no major breakthroughs in the future, we propose revised number of rounds for AES, BLAKE2, ChaCha, and SHA-3. The crypto is already fast enough, thank you very much; many attacks work only precisely it's quite fast to brute force huge subspaces of key material.

tptacek on July 6, 2023 [–]

Which attacks would those be? Are you thinking about password cracking? What are the other ones?

tedunangst on July 7, 2023 | [–]

SHA-1 collisions are (almost) as much brute force as anything.

tptacek on July 7, 2023 | | [–]

But that's not because SHA-1 doesn't have enough rounds; there's a more fundamental flaw in SHA-1.

tedunangst on July 7, 2023 | | [–]

Okay, fair, I hallucinated bits into the statement.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact