Hopefully interesting panel at the second NIST hash workshop

Right after Crypto 2006 in Santa Barbara, NIST will hold its second hash workshop. The purpose of the workshop will be to look more closely at the SHA-2 hash function family, and also to start developing follow-on hash functions.

I'm pretty psyched to be co-leading a panel (with Arjen Lenstra) whose purpose is to kick-start the process. The title of the panel is "SHA-256 Today and Maybe Something Else in a Few Years: Effects on Research and Protocols" and, as you can see from the preliminary program, the panel is packed with a lot of hash algorithm heavies: Ron Rivest, Adi Shamir, Bart Preneel, Antoine Joux, and Niels Ferguson.

NIST got a great response to the original AES competition, but we are seeing less-than-inspiriing amounts of effort on making a better hash algorithm and on breaking SHA-256. I hope the panel gives the folks in the audience inspiration to try one or both of these. We are now collecting juicy questions; let me know if you have any of your own.

Amazon's bad math on backorders

Amazon is using weird (or possibly deceptive) estimated ship dates on their web site for back-ordered items. I ordered a highly-desired item on July 12; they estimated it would ship in under a week and be here today. This morning, they changed the delivery estimate from today to August 3, which is two weeks from now. Yuck, but oh well.

What is more bothersome, however, is that if you go to order the product today, it says "Usually ships within 1 to 2 weeks". This means that either they have now put me at the back of the queue for shipping even though I ordered a week ago, or one of their two estimates is badly wrong. I suspect (hope!) that someone who orders today will have their item shipped more than two weeks from now and that I will get my system a week before they do.

A company like Amazon that prides itself on its website ordering system should be able to do math better than this, and should be able to be more accurate (or possibly honest) about expected shipping dates.

Update: I had sent Amazon an email with their web form, but didn't hear back from them... until now.

According to their message, I contacted them at "Wed Jul 19 13:34:07 UTC 2006". I got the reply more than a day later. According to the mail headers:

. . .
Received: from mm-notify-out-1103.amazon.com (mm-notify-out-1103.amazon.com [207.171.164.45])
	by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k6KNWZnL064269
	for ; Thu, 20 Jul 2006 16:32:35 -0700 (MST)
	(envelope-from [email protected])
Received: from na-rte-app-5104.iad5.amazon.com ([10.217.13.62])
  by mm-notify-out-1103.amazon.com with ESMTP; 19 Jul 2006 07:40:38 -0700
Received: by na-rte-app-5104.iad5.amazon.com
	id AAA-notification-32016,844; 19 Jul 2006 07:40:09 -0700

So, they replied to my note reasonably quickly, then their outgoing mail server sat on it for about 36 hours before delivering to my mail system. So, maybe their internal IT systems are much, much worse than we thought...