Re: MD5 versus SHA

[Theodore Ts'o <tytso@MIT.EDU>]

   Date: Tue, 28 Mar 1995 15:02:21 -0800
   From: touch@ISI.EDU

   If we don't have something that breaks 100 Mbps on a Sparc 10/51
   in software (ballpark...), I propose that we do not specify
   a default authentication algorithm at all at this time.

If we don't specify a default authentication algorithm at this point,
then we will certainly run as fast as IPv4.  We will also be as secure
as IPv4, which is to say that by default most vendors won't implement
any form of IP security, so we won't be able to use *any* security for a
very long time, and getting everyone to add the same kind of encryption
later will be painfully difficult --- just like IPv4.

For this reason, I think we *must* specify a default authentication
algorithm which vendors must implement.  In the interests of speed,
someone can elect to turn it off (and suffer the security consequences),
but that's a decision which the user should be allowed to make.

This whole emphasis on speed reminds me of the Intel position on the
Pentium --- "It's fast!  What's wrong that you're only 99.9999997% sure
that you got the right answer?"  :-)

If we want ubiquitous security, we have to deploy a defult
authentication option.

							- Ted

---

Follow-Ups:

• A Modest Proposal
• From: "Perry E. Metzger" <perry@imsi.com>
• Re: MD5 versus SHA
• From: bound@zk3.dec.com

References:

• Re: MD5 versus SHA
• From: touch@ISI.EDU

---

• Prev by Date: Re: key-ed MD5 again
• Next by Date: I-D ACTION:draft-ietf-ipsec-aziz-skip-01.txt
• Prev by thread: Re: MD5 versus SHA
• Next by thread: A Modest Proposal
• Index(es):
  • Main
  • Thread