[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 versus SHA -Reply

To: kasten@ftp.com, Ed_Reed@Novell.COM
Subject: Re: MD5 versus SHA -Reply
From: touch@ISI.EDU
Date: Wed, 29 Mar 1995 10:48:29 -0800
Cc: atkinson@itd.nrl.navy.mil, ipsec@ans.net, smb@research.att.com, touch@ISI.EDU
Posted-Date: Wed, 29 Mar 1995 10:48:29 -0800

> From Ed_Reed@Novell.COM Wed Mar 29 08:45:07 1995

> I second Frank's remarks.
> 
> 3) don't let the proposal go forward without some required, common, even if sub-optimal
> required algorithms (two, really - a null facility meaning we're not doing security on this
> session, and one of the algorithms under discussion. 
> 
> 4) for the default algorithm, select on the basis of strength rather than speed.  Other
> algorithms will provide speed.  We're sunk if the mandated algorithm lacks "adequate"
> strength for some measure of adequacy which may be obsoleted at sometime in the future.
> 
> All of this is, of course, modulo import/export and trans-boarder data flow issues.

Any chance of defining MD5-2?

One MAJOR flaw in MD5 is using little-endian (anti-"network standard" byte order).

This means that big-endians incur a byte-reordering cost they don't usually incur.
Little-endians already incur this cost, so it isn't an extra burden on them.

(assuming you're interested in what changes are useful,
 choosing an algorithm with little-endian order on
 a network-entity seems to be correctable...)

Joe

Prev by Date: Re: MD5 versus SHA
Next by Date: Re: IPv6 Security Last Call Initial Questions
Prev by thread: Re: MD5 versus SHA -Reply
Next by thread: Re: MD5 versus SHA -Reply
Index(es):
- Main
- Thread