[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: [IPsec] Issue #33 Is TIGER specified?
From:       Tero Kivinen <kivinen () iki ! fi>
Date:       2008-09-24 9:24:36
Message-ID: 18650.1876.373506.395837 () fireball ! kivinen ! iki ! fi
[Download RAW message or body]

Paul Hoffman writes:
> At 8:55 PM +0300 9/23/08, Yaron Sheffer wrote:
> >Here's a "proper" reference, from a real book printed on real paper:
> >
> >Ross Anderson, Eli Biham,
> >Tiger: A Fast New Hash Function,
> >Fast Software Encryption 3, 1996, LNCS 1039
> 
> The IPsec WG consciously decided to not move TIGER to IKEv2 partially 
> because nearly no one had implemented it in IKEv1. Part of the reason 
> that few implemented it in IKEv1 is that the spec was hard to get; 
> part of the reason was that it was unclear what the advantage was.

We have had tiger implemented for both IKEv1 and IKEv2 for long time.
It has not really been that much in use, as there has not been that
many others to implement it and currently I think it is disabled from
all our distributions.

> Have either of those changed? Is the book readily available?

I wanted to get the paper reference information for the paper, so I
called Tatu and he could find that preceedings from his library within
the minute and he gave me the reference information for the paper. I
would guess those proceedings should be in computer science libraries
around the world, or at least in those which are interested in
cryptography. 

> Is there any advantage over the current hash functions that outweigh
> the fact that TIGER has gone virtually unstudied in the crypto
> community relative to the hashes we are using?

I donot know about that, but at it is yet another hash function and
can be used as backup hash function for SHA1/2 family (in addition to
the PRF_AES128_CBC, and PRF_AES128_CMAC).

It is already defined in the IKEv2 document and numbers are in the
IANA registry, so I see no point of removing it. 
-- 
kivinen@safenet-inc.com
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic