[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MD5 versus SHA -Reply
> From Ed_Reed@Novell.COM Wed Mar 29 08:45:07 1995
> I second Frank's remarks.
> 3) don't let the proposal go forward without some required, common, even if sub-optimal
> required algorithms (two, really - a null facility meaning we're not doing security on this
> session, and one of the algorithms under discussion.
> 4) for the default algorithm, select on the basis of strength rather than speed. Other
> algorithms will provide speed. We're sunk if the mandated algorithm lacks "adequate"
> strength for some measure of adequacy which may be obsoleted at sometime in the future.
> All of this is, of course, modulo import/export and trans-boarder data flow issues.
Any chance of defining MD5-2?
One MAJOR flaw in MD5 is using little-endian (anti-"network standard" byte order).
This means that big-endians incur a byte-reordering cost they don't usually incur.
Little-endians already incur this cost, so it isn't an extra burden on them.
(assuming you're interested in what changes are useful,
choosing an algorithm with little-endian order on
a network-entity seems to be correctable...)