Cryptographically Strong Software Distribution HOWTO
Don Davis
dtd at world.std.com
Mon Jul 2 22:06:23 EDT 2001
>> Hans Dobbertin found some weaknesses in MD5 in 1996.
> Also note that RFC 2104 on the HMAC construction used in IPSEC
> explicitly cites Dobbertin and says the attack does not apply:
this is because Dobbertin's attack works only
against message-digest applications of MD5;
his attack doesn't work against MD5 MACs, i.e.,
when MD5 is used to hash a symmetric key with
the plaintext.
but, i generally tell clients to use SHA-1 even
for MACs, just to avoid confusing their customers.
- don davis, boston
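The RFC 2104 construction the thread refers to, written out by hand over both MD5 and SHA-1 and cross-checked against Python's standard `hmac` module. This is an added example, not code from the post or the mailing list; the key and message in the `__main__` block are constructed sample values. It makes the point concrete: the key enters both the inner and the outer hash, so a weakness that only concerns the bare digest H(msg) does not by itself give anyone a valid tag.

```python
import hashlib
import hmac


def rfc2104_hmac(key: bytes, msg: bytes, hashname: str = "sha1") -> bytes:
    """HMAC exactly as RFC 2104 defines it: H((K' ^ opad) || H((K' ^ ipad) || msg)).

    K' is the key hashed down if it is longer than the hash's block size,
    then zero-padded up to that block size (64 bytes for MD5 and SHA-1).
    """
    block = hashlib.new(hashname).block_size
    if len(key) > block:
        key = hashlib.new(hashname, key).digest()
    key = key.ljust(block, b"\x00")
    ipad_key = bytes(b ^ 0x36 for b in key)
    opad_key = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hashname, ipad_key + msg).digest()
    return hashlib.new(hashname, opad_key + inner).digest()


def verify_tag(key: bytes, msg: bytes, tag: bytes, hashname: str = "sha1") -> bool:
    """Recompute the tag under the shared key and compare in constant time."""
    return hmac.compare_digest(rfc2104_hmac(key, msg, hashname), tag)


def matches_stdlib(key: bytes, msg: bytes, hashname: str) -> bool:
    """Cross-check the hand-rolled construction against Python's hmac module."""
    return rfc2104_hmac(key, msg, hashname) == hmac.new(key, msg, hashname).digest()


if __name__ == "__main__":
    # Constructed sample values (not from the post): a shared key and a message to protect.
    key = b"shared-secret-between-the-two-parties"
    msg = b"transfer 100 units to account 42"
    # A bare digest depends on the message only, so anyone can recompute it.
    print("MD5(msg)      ", hashlib.md5(msg).hexdigest())
    # The MAC also depends on the key, which is why a digest-only result is not a forgery.
    print("HMAC-MD5      ", rfc2104_hmac(key, msg, "md5").hex())
    print("HMAC-SHA1     ", rfc2104_hmac(key, msg, "sha1").hex())
    print("stdlib agrees ", matches_stdlib(key, msg, "sha1"))
    print("wrong key ok? ", verify_tag(b"other-key", msg, rfc2104_hmac(key, msg)))
```

The first two assertions in the accompanying check use the RFC 2202 test vectors for HMAC-MD5 and HMAC-SHA-1, so the construction can be confirmed against published values rather than only against another implementation.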
---------------------------------------------------------------------
The Cryptography Mailing List