Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ron Rivest on why MD6 was withdrawn from the SHA-3 contest at NIST (csail.mit.edu)
39 points by soundsop on July 28, 2009 | hide | past | favorite | 5 comments


It seems to be a very classy withdrawal. I wonder how much the other candidates satisfy the two 'suggestions'.


You echo Bruce Schneier's sentiments.

http://www.schneier.com/blog/archives/2009/07/md6.html


In case anybody is interested, the md6 reference implementation is here: http://groups.csail.mit.edu/cis/md6/code/md6_c_code-2009-04-... , this was the one submitted to NIST and has now apparently been withdrawn.


Note that this is not identical to withdrawing MD6 from the "SHA-3 contest" -- they are just not entering the next round of the contest, because they haven't figured out how to prove the resistance of MD6 to differential attacks while making it as efficient as NIST require.

http://groups.csail.mit.edu/cis/md6/


Why not submit it on a provisional basis? i.e. full rounds, and let it be slow.

Would NIST reject it outright?




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: