
Re: WG last call for IPv4 MD5




"William Allen Simpson" says:
> According to reports from the PSRG meeting (two weeks ago), Kalisky says
> we should first hash the text without a key, then hash the {hash,key}.
> This gives the key greater strength in the final hash.
> 
> If he had been designing MD5 for keying, he would have added the key in
> at each step of the block hashing.
> 
> (I got this from Schiller over the phone, so any mistake in reporting is
> entirely mine, as this is a third hand report.)
> 
> Any objections?

Yes! I object to giving Burt credit for Ron Rivest's hash function, and
I object to the misspelling of his last name!

Other than that, no objections; if the commentary is true I'm not
about to argue with Kaliski, although frankly having glanced at it I'm
not sure why MD5(MD5(text),key) would be stronger than MD5(text+key)
given MD5's way of folding in new text into a hash. It would be nice
to get some comments straight from the horse's mouth, as it
were. Anyone remember Burt Kaliski's email address?

.pm
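The two constructions compared in this message, written out as an added example that is not part of the original message or of any draft. It assumes plain byte concatenation in the order written ({hash,key} and text+key); the function names and sample values are constructed for illustration. It shows that in both forms the key is absorbed only after the text has been reduced to MD5's internal state.

```python
import hashlib
import hmac

def unkeyed_digest(text: bytes) -> bytes:
    """First pass of the two-pass form: MD5(text), no key involved."""
    return hashlib.md5(text).digest()

def suffix_keyed(text: bytes, key: bytes) -> bytes:
    """MD5(text+key): key appended to the text, single pass."""
    return hashlib.md5(text + key).digest()

def suffix_keyed_incremental(text: bytes, key: bytes) -> bytes:
    """Same value as suffix_keyed, computed by resuming the hash state."""
    state = hashlib.md5(text)   # running state after the text alone
    keyed = state.copy()        # copy so the unkeyed state can be reused
    keyed.update(key)           # the key is folded in as further input
    return keyed.digest()

def two_pass_keyed(text: bytes, key: bytes) -> bytes:
    """MD5(MD5(text),key): hash the text unkeyed, then hash {hash,key}."""
    return two_pass_from_digest(unkeyed_digest(text), key)

def two_pass_from_digest(text_digest: bytes, key: bytes) -> bytes:
    """Second pass only: needs the 16-byte unkeyed digest, not the text."""
    return hashlib.md5(text_digest + key).digest()

def verify(received_tag: bytes, text: bytes, key: bytes) -> bool:
    """Check a two-pass tag; compare_digest avoids a timing side channel."""
    return hmac.compare_digest(received_tag, two_pass_keyed(text, key))

# Constructed sample values, not taken from any specification.
TEXT = b"constructed sample datagram payload"
KEY = b"constructed-shared-secret"

if __name__ == "__main__":
    print("MD5(text+key)      ", suffix_keyed(TEXT, KEY).hex())
    print("MD5(MD5(text),key) ", two_pass_keyed(TEXT, KEY).hex())
    # The suffix form equals "resume the unkeyed state, then add the key".
    print("incremental matches:",
          suffix_keyed(TEXT, KEY) == suffix_keyed_incremental(TEXT, KEY))
    print("tag verifies:", verify(two_pass_keyed(TEXT, KEY), TEXT, KEY))
```

In the two-pass form the tag depends on the text only through its 16-byte unkeyed digest, so two texts with the same MD5 digest receive the same tag under every key.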

