
I-D ACTION:draft-krawczyk-keyed-md5-01.txt



Ref:  Your note of Thu, 28 Dec 95 05:06:58 GMT (attached)


Bill,

 > I finally had time to read the draft, and I find it unconvincing.

The draft was intended to describe the function and to give some minimal
background. For a full rationale you'll have to read the paper which will be
available in two weeks.


 >
 > It has several inaccuracies, some unsubstantiated claims, and has
 > insufficient detail to understand why the proposed double hash is any
 > more robust than the current technique in the face of a weakness of the
 > compression function of MD5 (or anything else).

Please point out to me any inaccuracies you found so I can correct/clarify in
future versions.

If by "unsubstantiated claims" you mean the missing mathematical analysis, that's
fine. As I said, the draft is not intended to convey that information.
However, excluding the pure technical details I have provided much of the
information on the function's rationale during my presentation in Dallas
and a note to this list that I sent before Dallas.
I will send a copy of that note to you personally in case you missed it.

Hugo

PS: As for the general mathematical theory behind this type of function, you
can read the BCK1 reference in the draft, which can be retrieved from the
Web as I have already pointed out in the past.

