[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposals for key-ed MD5

To: ipsec@ans.net, hugo@watson.ibm.com
Subject: Re: Proposals for key-ed MD5
From: "Housley, Russ" <housley@spyrus.com>
Date: Fri, 07 Apr 95 08:00:22
Cc: jis@mit.edu, galvin@tis.com, burt@RSA.COM, matt@RSA.COM, mihir@watson.ibm.com
Encoding: 722 Text

Hugo:

     ... One advantage of (II) over the plain MD5(K|text|K) is that more 
     than one iteration of MD5 takes place even in case text is very 
     short. Moreover there is an implementation option of pre-computing 
     MD5(K|1|0^383) and using the result as input to the ABCD registers 
     of MD5; in this way the computation due to the prepended key is 
     done only once per key.

I like this.  The precomputation is attractive, and one MD5 operation can 
be used to compute the integrity check value.  In periperial hardware 
implementations, like PCMCIA cards, it is better to have one command do the 
whole thing.  It simply avoids I/O through the relatively slow card 
interface.

Russ

Prev by Date: Re: Proposals for key-ed MD5
Next by Date: Re: Comments on latest IPSP drafts
Prev by thread: Re: Proposals for key-ed MD5
Next by thread: Re[2]: Proposals for key-ed MD5
Index(es):
- Main
- Thread