[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Part Three: Field Variance Analysis

To: "David A. Wagner" <dawagner@phoenix.princeton.edu>
Subject: Re: Part Three: Field Variance Analysis
From: Craig Metz <cmetz@sundance.itd.nrl.navy.mil>
Date: Wed, 23 Aug 1995 18:50:16 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Wed, 23 Aug 1995 17:16:02 -0400." <9508232116.AA19735@flagstaff.Princeton.EDU>

In message <9508232116.AA19735@flagstaff.Princeton.EDU>, "David A. Wagner" writ
es:
>> 	Also, I'm not a cryptographer and I don't play one on TV, but it
>> would seem to me that known nonzero but not really important values are
>> probably better than zero values and should not be worse. It would seem
>> to me that information of that sort should be stirred into the pot just to
>> have some nonzero bits in the stew.
>
>No.  They're not.  If the MD5 MAC is found insecure without those extra
>ingredients in the pot, it should be thrown away without delay.  (And I
>want to emphasize that noone has found MD5 MAC to be insecure in that way.)

	This is a question for the crypto people.

>> 	Some discussion should be given to reserved fields. Currently, I
>> believe that reserved fields should be included in the hash for exactly
>> the same reason unknown option fields should be. The argument and cases
>> is exactly the same.
>
>You mean, like the reserved field in the AH header?  (which *is*
>explicity included in the hash)  Or did you mean some other reserved
>field?

	Yes.

									-Craig

Prev by Date: Re: Part Two: IPv4 Options We Can't Handle
Next by Date: ISAKMP formal analysis
Prev by thread: Re: Part Three: Field Variance Analysis
Next by thread: SKIP (Security on the IP Layer) Sources
Index(es):
- Main
- Thread