MD5 and its use in Internet Key Exchange

From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Sat, 7 Feb 2009 22:38:51 -0800 (PST)

Hi All,

Considering Sotirov, Stevens, Appelbaum, Lenstra, Molnar, Arne Osvik,
and de Weger recent attack on MD5 [1], what can be expected from RFCs
such as 4109 (Algorithms for Internet Key Exchange Version 1) [2]. MD5
is a required 'Old Algorithm Requirement' (from Section 2):

MD5 and SHA-1 for hashing and HMAC functions MUST be supported

Jeff

[1] http://www.win.tue.nl/hashclash/rogue-ca/
[2] http://www.ietf.org/rfc/rfc4109.txt
.

Prev by Date: Re: Paper & pencil password algorithm
Next by Date: Re: Multiple layers of encryption
Previous by thread: Why are Western ('democratic') countries censoring the Internet?
Next by thread: Re: Multiple layers of encryption
Index(es):
- Date
- Thread

Relevant Pages

Re: This Weeks Finds in Mathematical Physics (Week 226)
... Yeah, I said SHA-1 and MD5 are different, and I said they were both vulnerable ... Attacking hash functions by poisoned ... where Ldenotes the length of the axiom system A, ...
(sci.physics.research)
Re: Re-secured Algorithm?
... >>MD5 collisions are actually trivial to generate. ... SHA-1 had real collisions in MD5. ... Personal attacks aside I doubt many ...
(sci.crypt)
Re: Crypto Hash functions
... crypto-hash functions were "broken". ... MD5: ... SHA-1: wounded but still fighting. ... If you're signing bulk data, probably SHA-256 is your best bet. ...
(sci.crypt)
Re: Crypto Hash functions
... crypto-hash functions were "broken". ... MD5: ... SHA-1: wounded but still fighting. ... If you're signing bulk data, probably SHA-256 is your best bet. ...
(sci.crypt)
RE: sha-1 cryptography
... MD5 and SHA-1 are not used to ensure Confidentiality, ... the confidentiality of passwords or credit card numbers or the ... Computer Emergency Response Teams, and Digital Investigations. ...
(Security-Basics)