MD6 in Python
Robert Kern
robert.kern at gmail.com
Fri Jun 5 17:38:56 EDT 2009
On 2009-06-05 16:09, mikle3 at gmail.com wrote:
> On Jun 5, 11:46 pm, Christian Heimes<li... at cheimes.de> wrote:
>> mik... at gmail.com schrieb:
>>
>>> As every one related to security probably knows, Rivest (and his
>>> friends) have a new hashing algorithm which is supposed to have none
>>> of the weaknesses of MD5 (and as a side benefit - not too many rainbow
>>> tables yet). His code if publicly available under the MIT license.
>>> Is there a reason not to add it to the standard lib, following the
>>> hashlib "protocol"?
>> Somebody has to write and add a md6 wrapper to the standard library.
>> It's going to take some time, at least 18 months until Python 2.8 and
>> 3.2 are going to be released.
>>
>> Do you need a wrapper for md6? I could easily write one in about an hour.
>>
>> Christian
>
> It's not that I need it, I can sure use it. I can also write a wrapper
> myself.
> My secret agenda is too see if other people want it and write it as an
> addition to the standard lib, thus wetting my feet in Python Core
> Development without actually breaking anything :)
My gut feeling is that it's too new. In a year, the current round of the SHA-3
competition will be over, you will have much more information about how MD6
fares against its competitors, and you will still have some time to get it into
Python 2.8/3.2. We don't actually *know* that it doesn't have equivalent
weaknesses until the cryptanalysts try to break it for a year or so. :-)
--
Robert Kern
"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco
More information about the Python-list
mailing list