Re: keyed-MD5 placement of secret

[uri@watson.ibm.com]

William Allen Simpson says:
> I asked the Security Area this many months ago.  We discussed it on the
> M-Bone wrt IPv6, and I believe it was discussed in other fora.  Here is
> the decision:
> > Date: Sun, 11 Sep 94 11:34:19 -0400
> > From: Jeffrey I. Schiller <jis@mit.edu>
> > .... I would recommend the front of
> > the data. in that fashion you can precompute the internal MD5 state (i.e.,
> > initialize MD5, feed it the key and then snapshot its internal state)
> > in order to get better performance.
> >
> Now, unless the Security Area reverses itself, and changes the standard
> in SNMP also, that is what we will use in the AH implementations going
> forward as we speak. There is absolutely no reason to do it differently
> for each MD5 usage.

This is faster but less secure. It isn't possible to tel exactly how much
less [to the best of my knowledge]. Some attacks are possible, unless
length is in certain place and such... I'd ask - what's the rush?
I personally won't care about speed advantage of precomputed
MD5 (unless I'm cracking MD5 key, of course :-)...
--
Regards,
Uri         uri@watson.ibm.com      N2RIU
===========
<Disclamer>

---

References:

• Re: keyed-MD5 placement of secret
• From: "William Allen Simpson" <bill.simpson@um.cc.umich.edu>

---

• Prev by Date: Re: on a more serious note... do we want MD5?
• Next by Date: Re: AH-MD5
• Prev by thread: Re: keyed-MD5 placement of secret
• Next by thread: Re: keyed-MD5 placement of secret
• Index(es):
  • Main
  • Thread