[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 versus SHA

To: touch@ISI.EDU
Subject: Re: MD5 versus SHA
From: kasten@ftp.com (Frank Kastenholz)
Date: Wed, 29 Mar 95 09:31:54 EST
Cc: touch@ISI.EDU, smb@research.att.com, atkinson@itd.nrl.navy.mil, ipsec@ans.net
Reply-To: kasten@ftp.com

There is a logical flaw with not specifying a 'default' algorithm.
If an algorithm is the "default algorithm" then one can assume that
that algorithm is common to all implementations. Every node and
implementation can be assured that every other node which does
security will do the default.

Now, consider what happens if there is no default. I may implement
algorithms B and C and you might implement algorithm D. Each of these
may be stronger or better (in whatever sense) than algorithm A. But
we will not be able to communicate in a secure manner since we do not
do the same algorithms. We each will say "We are better than A" but
we will not be able to communicate securely. Is this good?

A common, default, widely-fielded, algorithm is required. 

You say that speed is important. It is. But I urge that we specify an
algorithm and field it. Soon. The internet has needed, and lacked, a
security scheme for many years. In part it's because we've always
been searching for a 'better' system -- faster, cheaper, stronger,
etc. We've put off fielding what we have because tomorrow we might
have something better. We might get something better tomorrow, but
what we can field today is infinitely better than what we are using
today.


 > I'd like to suggest something a bit stronger.
 > 
 > While I agree that consensus on strength is important,
 > I would like to argue that consensus on speed is equally important.
 > 
 > If we don't have something that breaks 100 Mbps on a Sparc 10/51
 > in software (ballpark...), I propose that we do not specify
 > a default authentication algorithm at all at this time.
 > 
 > *********************************
 > 
 > If not specifying a default will be detrimental to the acceptance
 > and use of the option, I see this as a challenge to find an
 > algorithm that is fast; not an excuse to use one that is not.
 > 
 > *********************************
 > 
 > I'm still seeking one, if anyone has any ideas.
 > 
 > 
 > Joe
 > 


--
Frank Kastenholz    "The dogmas of the quiet past are inadequate to the stormy
                     present... As our case is new, so we must think anew, and
                     act anew" - A. Lincoln

Prev by Date: Re: MD5 versus SHA
Next by Date: Re: A Modest Proposal
Prev by thread: Re: MD5 versus SHA
Next by thread: Re: MD5 versus SHA
Index(es):
- Main
- Thread