1995-11-02 - Re: Keyed-MD5, ITAR, and HTTP-NG
Header Data
From: hallam@w3.org
To: Simon Spero <cypherpunks@toad.com
Message Hash: 76dfc294e7dcdddb578ff0536f6dcd180abf869905a7a0961c6bdac0b47c60c3
Message ID: <9510302351.AA28243@zorch.w3.org>
Reply To: <Pine.SOL.3.91.951030101221.319D-100000@chivalry>
UTC Datetime: 1995-11-02 01:28:57 UTC
Raw Date: Thu, 2 Nov 1995 09:28:57 +0800
Raw message
From: hallam@w3.org
Date: Thu, 2 Nov 1995 09:28:57 +0800
To: Simon Spero <cypherpunks@toad.com
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.SOL.3.91.951030101221.319D-100000@chivalry>
Message-ID: <9510302351.AA28243@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain
Simon,
Do not spec Keyed MD5, it is a complete looser. It is actually weak
against a number of attacks. There are much better constructs for creating
a keyed digest. There are much better ways of creating a digest than using
a hash fuinction as the base.
There is some work by Phil Rogaway on making keyed digest functions
which I strongly recommend people look at. I can post a paper on the subject if
people are interested.
Phill
Thread
- Return to October 1995
Return to November 1995
- Return to “Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “hallam@w3.org”
- Return to “James Black <black@eng.usf.edu>”
- Return to “James Black <black@sunflash.eng.usf.edu>”
- Return to “Kevin L Prigge <klp@gold.tc.umn.edu>”
- Return to “michael shiplett <walrus@ans.net>”
- Return to ““Perry E. Metzger” <perry@piermont.com>”
- Return to “Rich Graves <llurch@networking.stanford.edu>”
Return to “Simon Spero <ses@tipper.oit.unc.edu>”
- 1995-10-30 (Tue, 31 Oct 1995 02:46:42 +0800) - Keyed-MD5, ITAR, and HTTP-NG - Simon Spero <ses@tipper.oit.unc.edu>
- 1995-10-30 (Tue, 31 Oct 1995 03:40:01 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - James Black <black@sunflash.eng.usf.edu>
- 1995-10-31 (Tue, 31 Oct 1995 09:14:59 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
- 1995-10-31 (Tue, 31 Oct 1995 10:17:33 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - Rich Graves <llurch@networking.stanford.edu>
- 1995-10-31 (Tue, 31 Oct 1995 10:30:26 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - James Black <black@eng.usf.edu>
- 1995-10-31 (Tue, 31 Oct 1995 15:05:54 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - Kevin L Prigge <klp@gold.tc.umn.edu>
- 1995-10-31 (Wed, 1 Nov 1995 07:48:45 +0800) - PGP On shared machines (was Re: Keyed-MD5, ITAR, and HTTP-NG) - Simon Spero <ses@tipper.oit.unc.edu>
- 1995-10-31 (Tue, 31 Oct 1995 10:17:33 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - Rich Graves <llurch@networking.stanford.edu>
- 1995-10-31 (Tue, 31 Oct 1995 09:14:59 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
- 1995-10-30 (Tue, 31 Oct 1995 05:27:28 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - futplex@pseudonym.com (Futplex)
- 1995-11-02 (Thu, 2 Nov 1995 09:28:57 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - hallam@w3.org
- 1995-10-31 (Tue, 31 Oct 1995 10:21:14 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - Simon Spero <ses@tipper.oit.unc.edu>
- 1995-10-31 (Wed, 1 Nov 1995 02:12:43 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - michael shiplett <walrus@ans.net>
- 1995-10-31 (Wed, 1 Nov 1995 04:42:06 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - “Perry E. Metzger” <perry@piermont.com>
- 1995-10-31 (Wed, 1 Nov 1995 05:45:06 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - hallam@w3.org
- 1995-11-01 (Wed, 1 Nov 1995 22:25:17 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - “Perry E. Metzger” <perry@piermont.com>
- 1995-10-31 (Wed, 1 Nov 1995 05:45:06 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - hallam@w3.org
- 1995-10-30 (Tue, 31 Oct 1995 03:40:01 +0800) - Re: Keyed-MD5, ITAR, and HTTP-NG - James Black <black@sunflash.eng.usf.edu>