http://en.zaoniao.it/index.php?action=history&feed=atom&title=MD6MD6 - Revision history2026-05-15T20:11:47ZRevision history for this page on the wikiMediaWiki 1.32.0http://en.zaoniao.it/index.php?title=MD6&diff=2435&oldid=prevAdmin: Created page with "The '''MD6 Message-Digest Algorithm''' is a cryptographic hash function. It uses a Merkle tree-like structure to allow for immense parallel computation of hashes for v..."2019-03-22T03:46:33Z<p>Created page with "The '''MD6 Message-Digest Algorithm''' is a <a href="/Cryptographic_hash_function" title="Cryptographic hash function">cryptographic hash function</a>. It uses a <a href="/Merkle_tree" title="Merkle tree">Merkle tree</a>-like structure to allow for immense parallel computation of hashes for v..."</p>
<p><b>New page</b></p><div>The '''MD6 Message-Digest Algorithm''' is a [[cryptographic hash function]]. It uses a [[Merkle tree]]-like structure to allow for immense parallel computation of hashes for very long inputs. Authors claim a performance of 28 [[cycles per byte]] for MD6-256 on an [[Intel Core 2 Duo]] and provable resistance against [[differential cryptanalysis]]. The [[source code]] of the [[reference implementation]] was released under [[MIT license]].<br />
<br />
Speeds in excess of 1 GB/s have been reported to be possible for long messages on 16-core CPU architecture.<br />
<br />
MD6 was submitted to the [[NIST hash function competition|NIST SHA-3 competition]]. However, on July 1, 2009, Rivest posted a comment at NIST that MD6 is not yet ready to be a candidate for SHA-3 because of speed issues, a "gap in the proof that the submitted version of MD6 is resistant to differential attacks", and an inability to supply such a proof for a faster reduced-round version, although Rivest also stated at the MD6 website that it is not withdrawn formally. MD6 did not advance to the second round of the SHA-3 competition. In September 2011, a paper presenting an improved proof that MD6 and faster reduced-round versions are resistant to differential attacks was posted to the MD6 website.<br />
<br />
The algorithm's first known production use was in the [[Conficker|Conficker.B]] worm in December 2008; the worm's authors subsequently updated Conficker with the corrected implementation once the buffer overflow vulnerability became known.<br />
<br />
== See also ==<br />
* [[Comparison of cryptographic hash functions]]<br />
<br />
==Source==<br />
<br />
[http://wikipedia.org/ http://wikipedia.org/]<br />
[[Category:Cryptography]]</div>Admin