MD5 and its use in Internet Key Exchange



Hi All,

Considering Sotirov, Stevens, Appelbaum, Lenstra, Molnar, Arne Osvik,
and de Weger recent attack on MD5 [1], what can be expected from RFCs
such as 4109 (Algorithms for Internet Key Exchange Version 1) [2]. MD5
is a required 'Old Algorithm Requirement' (from Section 2):

MD5 and SHA-1 for hashing and HMAC functions MUST be supported

Jeff

[1] http://www.win.tue.nl/hashclash/rogue-ca/
[2] http://www.ietf.org/rfc/rfc4109.txt
.