[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 versus SHA

At 10:26 AM 3/29/95, touch@ISI.EDU wrote:
>However, the choice of MD5 for SNMP did not include performance

Jim Galvin, who chaired the original SNMP Security WG, or perhaps one of
the other implementers at that time, would probably be a better person to
comment on this.

However, I recall being at that WG in Santa Fe when MD5 was finally
selected.  Until then, there has been the usual speculation about "too
slow" etc.  At that meeting, the implementers presented performance results
gathered since the previous IETF.  They indicated that the MD5 operations
did not add significantly to SNMP processing and the "too slow" discussion
was a waste of time.

I suggest that what is needed now is experience with prototype ipsec
implementations with MD5 and, if you wish, with other schemes.  Then, and
only then, should a final decision be made.  However, given that we have
begun to accumulate substantial experience with MD5 that is leading to
confidence in its cryptographic strength, the "other" schemes have to be a
"lot" faster than MD5 to risk replacing MD5.  And, if the "other" scheme is
new, and has not been subject to substantial cryptanalysis, it will be too
risky to use anyway.

Have I missed something?