[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AH-MD5

To: ho@cs.arizona.edu, perry@imsi.com
Subject: AH-MD5
From: hugo@watson.ibm.com
Date: Wed, 25 Jan 95 11:09:09 EST
Cc: IPSEC@ans.net

Ref:  Your note of Tue, 24 Jan 1995 21:47:32 -0700 (attached)


Perry, this is THE answer!

   > ... if someone gave me a cryptographically based argument for
   > appending the key.

 *************************************************************************
 * It's not cryptography so much as secure software engineering, I think.*
 * In practice that's just as important as sound mathematics.            *
 *************************************************************************

(Thanks, Hillarie, for the perfect phrasing).

Also, if you read my original note it says:

   In my opinion, if the IETF goes for a "standard" prepend-MD5
   they should define explicitely
   that the length parameter is prepended to the computation
   (say after the key) and not left to the "luck" of having or not
   the length in a fixed offset in the information (as it "happens"
   to be in the IP header).

If you do that, then my objection is gone.

(Still my cryptographic feelings are inclined to prepend+append but then
the extra computation -even if quite insignificant- is harder to justify).

Hugo

Prev by Date: Photuris Cookies
Next by Date: Use of Keyed MD5
Prev by thread: Re: AH-MD5
Next by thread: Re: AH-MD5
Index(es):
- Main
- Thread