[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AH-MD5

To: bsimpson@morningstar.com
Subject: Re: AH-MD5
From: colin@nyx10.cs.du.edu (Colin Plumb)
Date: Thu, 26 Jan 95 10:30:21 MST
Cc: ipsec@ans.net

> Sigh.  Whatever does this have to do with the current AH draft, or the
> AH-MD5 draft?  Have you read them?

Nothing really, since the inclusion of the length at the beginning
(as many people have pointed out) renders it irrelevant.  It's just
that I didn't know the original attack, and it appeared that some
others didn't, so I thought to describe it.

> Both drafts explicitly state that the IP Total Length is included in the
> hash.

As you point out, that does change things.  But there had been some
discussion of the disadvantages of introducing that format dependency.

(Probably my discussion of countermeasures was out of place since it
wasn't well thought out.)
-- 
	-Colin

Prev by Date: MD5 vs. SHA
Next by Date: Re: AH-MD5
Prev by thread: Re: AH-MD5
Next by thread: Re: AH-MD5
Index(es):
- Main
- Thread